๐บ๐ธ
mnsf
2026-07-06 13:05:11
(21 hours ago)
Too many Status 40X (14)
Brute-Force
Web App Attack
๐ง๐ช
cmbplf
2026-07-06 13:00:49
(21 hours ago)
7.538 requests in 1 hour (2mos3w6d)
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-06 12:41:34
(22 hours ago)
(mod_security) mod_security (id:225170) triggered by 34.11.57.130 (130.57.11.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 34.11.57.130 (130.57.11.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 08:41:26.978095 2026] [security2:error] [pid 7211:tid 7211] [client 34.11.57.130:57449] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||test.wealthsec.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "test.wealthsec.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akuidjQYnLWAx2kw0CHCbwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
zynex
2026-07-06 12:39:07
(22 hours ago)
URL Probing: /wp1/wp-includes/wlwmanifest.xml
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-06 12:35:14
(22 hours ago)
34.11.57.130 - - [06/Jul/2026:14:35:11 +0200] "POST //xmlrpc.php HTTP/1.1" 200 6356 "-" "Mozilla/5.0 ...
show more
34.11.57.130 - - [06/Jul/2026:14:35:11 +0200] "POST //xmlrpc.php HTTP/1.1" 200 6356 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.11.57.130 - - [06/Jul/2026:14:35:11 +0200] "POST //xmlrpc.php HTTP/1.1" 200 6356 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.11.57.130 - - [06/Jul/2026:14:35:12 +0200] "POST //xmlrpc.php HTTP/1.1" 200 6356 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
show less
Hacking
Web App Attack
๐ณ๐ฟ
Antinson
2026-07-06 12:32:38
(22 hours ago)
Scraping with a high error ratio and request rate
Bad Web Bot
๐ฌ๐ง
OptimusGO
2026-07-06 12:26:29
(22 hours ago)
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Time ...
show more
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Timestamp: 2026-07-06 13:26:29 UTC
Log evidence:
34.11.57.130 - - [06/Jul/2026:13:23:57 +0100] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.11.57.130 - - [06/Jul/2026:13:23:57 +0100] "GET /feed/ HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.11.57.130 - - [06/Jul/2026:13:23:58 +0100] "GET /xmlrpc.php?rsd HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
show less
Port Scan
Brute-Force
๐ซ๐ท
dynamix
2026-07-06 12:19:16
(22 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐จ๐ญ
backslash
2026-07-06 12:18:00
(22 hours ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐ฉ๐ช
filstal.org
2026-07-06 12:16:07
(22 hours ago)
WordPress login brute-force detected.
Brute-Force
Web App Attack
๐ฌ๐ท
setupgr
2026-07-06 12:11:29
(22 hours ago)
(XMLRPC) WP XMLRPC Attack 34.11.57.130 (US/United States/District of Columbia/Washington D.C./-/[AS3 ...
show more
(XMLRPC) WP XMLRPC Attack 34.11.57.130 (US/United States/District of Columbia/Washington D.C./-/[AS396982 GOOGLE-CLOUD-PLATFORM]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 34.11.57.130 - - [06/Jul/2026:15:08:43 +0300] "GET //xmlrpc.php?rsd HTTP/1.1" 200 828 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
show less
Port Scan
๐บ๐ธ
ambor
2026-07-06 12:11:10
(22 hours ago)
Honeypot triggered on tcpdata.com - Attempted to access //wp-includes/ID3/license.txt (wordpress_pro ...
show more
Honeypot triggered on tcpdata.com - Attempted to access //wp-includes/ID3/license.txt (wordpress_probe). User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
show less
Web App Attack
๐ฎ๐น
VHosting
2026-07-06 12:10:05
(22 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐จ๐ญ
Origon
2026-07-06 12:09:17
(22 hours ago)
http-probing - IP: 34.11.57.130 - time="2026-07-06T14:09:17+02:00" level=info msg="(555f66b4f6a7455 ...
show more
http-probing - IP: 34.11.57.130 - time="2026-07-06T14:09:17+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 34.11.57.130 (US/396982) : 4h ban on Ip 34.11.57.130" module=db
show less
Web App Attack
๐ณ๐ฟ
Tripwire
2026-07-06 12:05:23
(22 hours ago)
Scanning for exploits - //wp-includes/ID3/license.txt
Web App Attack