๐ซ๐ท
mail.avx.gr
2026-07-17 13:30:29
(1 day ago)
Plesk Fail2Ban jail: Plesk-WebScanners. Evidence: 34.11.50.50 - - [16/Jul/2026:16:35:04 +0300] "GET ...
show more
Plesk Fail2Ban jail: Plesk-WebScanners. Evidence: 34.11.50.50 - - [16/Jul/2026:16:35:04 +0300] "GET //xmlrpc.php?rsd HTTP/1.1" 404 5446 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
show less
Web App Attack
๐ง๐ท
Halux
2026-07-16 14:13:55
(2 days ago)
34.11.50.50 Web Application Firewall multiple violations
Hacking
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-07-16 14:05:12
(2 days ago)
34.11.50.50 - - [16/Jul/2026:17:05:11 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 683 "-" ...
show more
34.11.50.50 - - [16/Jul/2026:17:05:11 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 683 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.11.50.50 - - [16/Jul/2026:17:05:11 +0300] "GET /xmlrpc.php?rsd HTTP/1.1" 404 683 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
...
show less
Web App Attack
๐ฉ๐ฐ
RhQM
2026-07-16 13:59:37
(2 days ago)
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 13:56:40
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 34.11.50.50 (50.50.11.34.bc.googleusercontent.c ...
show more
(mod_security) mod_security (id:225170) triggered by 34.11.50.50 (50.50.11.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 09:56:37.125862 2026] [security2:error] [pid 26982:tid 26982] [client 34.11.50.50:54601] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||revision.ws|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "revision.ws"] [uri "/wordpress/wp-json/wp/v2/users/"] [unique_id "aljjFeB5yTvPL3xWPXr2sAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐พ
lns.bz
2026-07-16 13:54:11
(2 days ago)
Too many 404 requests [BY]
Web App Attack
๐ฉ๐ช
raph
2026-07-16 13:51:39
(2 days ago)
[Wordpress] crawler /wp-admin/*, /wp-content/*, etc.
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-07-16 13:42:32
(2 days ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: //xmlrpc.php | UA: Mozilla/5.0 (Windows N ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: //xmlrpc.php | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
show less
Brute-Force
Web App Attack
๐ฉ๐ช
konseptit
2026-07-16 13:42:14
(2 days ago)
(wordpress) Failed wordpress login from 34.11.50.50 (US/United States/50.50.11.34.bc.googleuserconte ...
show more
(wordpress) Failed wordpress login from 34.11.50.50 (US/United States/50.50.11.34.bc.googleusercontent.com)
show less
Brute-Force
๐จ๐ญ
backslash
2026-07-16 13:42:00
(2 days ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐ฉ๐ช
tinect
2026-07-16 13:39:40
(2 days ago)
This IP was detected by CrowdSec triggering tinect/http-sensitive-file-probe
Web App Attack
๐บ๐ธ
Lee Daniel
2026-07-16 13:34:56
(2 days ago)
34.11.50.50 - - [16/Jul/2026:09:34:54 -0400] "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 644 ...
show more
34.11.50.50 - - [16/Jul/2026:09:34:54 -0400] "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 64417 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.11.50.50 - - [16/Jul/2026:09:34:55 -0400] "GET //2020/wp-includes/wlwmanifest.xml HTTP/1.1" 404 64427 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.11.50.50 - - [16/Jul/2026:09:34:55 -0400] "GET //2019/wp-includes/wlwmanifest.xml HTTP/1.1" 404 64427 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.11.50.50 - - [16/Jul/2026:09:34:55 -0400] "GET //2021/wp-includes/wlwmanifest.xml HTTP/1.1" 404 64427 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.11.50.50 - - [16/Jul/2026:09:34:55 -0400] "GET //shop/wp-includes/wlwmanifest.xml HTTP/1.1" 404
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-07-16 13:28:00
(2 days ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 13:27:31
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 34.11.50.50 (50.50.11.34.bc.googleusercontent.c ...
show more
(mod_security) mod_security (id:225170) triggered by 34.11.50.50 (50.50.11.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 09:27:22.516213 2026] [security2:error] [pid 29865:tid 29865] [client 34.11.50.50:62329] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||rame-int.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rame-int.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aljcOimgVpsNb7He7i7QIgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-16 13:27:15
(2 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 247
Exploited Host
Web App Attack