๐ณ๐ฑ
Site.eu
2026-07-09 00:04:10
(3 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
mnsf
2026-07-08 13:05:15
(14 hours ago)
Abuse Detected (11)
Brute-Force
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-07-08 12:50:20
(14 hours ago)
WP-xmlrpc exploit
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack
Anonymous
2026-07-08 12:49:22
(14 hours ago)
[da.kdns.gr] httpd-suspicious-path: sites=www.karanton.gr; logs=/var/log/httpd/domains/karanton.gr.l ...
show more
[da.kdns.gr] httpd-suspicious-path: sites=www.karanton.gr; logs=/var/log/httpd/domains/karanton.gr.log; samples=//wp-includes/wlwmanifest.xml | //blog/wp-includes/wlwmanifest.xml | //web/wp-includes/wlwmanifest.xml
show less
Hacking
Web App Attack
๐ง๐ช
cmbplf
2026-07-08 12:48:53
(14 hours ago)
1.422 requests with url.path */wp-includes/wlwmanifest.xml
Brute-Force
Bad Web Bot
๐ซ๐ฎ
inlink.ltd
2026-07-08 12:40:38
(14 hours ago)
Known malicious PHP file or CMS probe
Web App Attack
๐ช๐ธ
pipeline.es
2026-07-08 12:27:23
(14 hours ago)
Web scanning / probing for vulnerable paths | URL: //wp2/wp-includes/wlwmanifest.xml | Evidence: esc ...
show more
Web scanning / probing for vulnerable paths | URL: //wp2/wp-includes/wlwmanifest.xml | Evidence: escalaturismo.com.br 34.136.163.3 - - [08/Jul/2026:14:24:56 +0200] \"GET //wp2/wp-includes/wlwmanifest.xml HTTP/1.1\" 404 19314 \"-\" \"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36\" GEOIP_COUNTRY_CODE=US | ASN: GOOGLE-CLOUD-PLATFORM | Country: US
show less
Port Scan
Web App Attack
๐ฌ๐ง
venus.launch.bz
2026-07-08 12:21:29
(14 hours ago)
(wpscan) WordPress probe detected from 34.136.163.3 (US/United States/3.163.136.34.bc.googleusercont ...
show more
(wpscan) WordPress probe detected from 34.136.163.3 (US/United States/3.163.136.34.bc.googleusercontent.com)
show less
Hacking
๐จ๐ญ
Ribeye375
2026-07-08 12:19:07
(14 hours ago)
HIPS rce-attempt - Block tcp/0:65535
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 12:14:52
(15 hours ago)
(mod_security) mod_security (id:225170) triggered by 34.136.163.3 (3.163.136.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 34.136.163.3 (3.163.136.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 08:14:50.005364 2026] [security2:error] [pid 20289:tid 20289] [client 34.136.163.3:63140] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dianamead.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dianamead.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ak4_OU5BKqSWsv3k9lnUhgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 11:57:33
(15 hours ago)
(mod_security) mod_security (id:225170) triggered by 34.136.163.3 (3.163.136.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 34.136.163.3 (3.163.136.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 07:57:27.150629 2026] [security2:error] [pid 11957:tid 11963] [client 34.136.163.3:55639] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||dejacats.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dejacats.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ak47J_mzZzzXlSBTzegVggAAAEI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
Origon
2026-07-08 11:52:15
(15 hours ago)
http-probing - IP: 34.136.163.3 - time="2026-07-08T13:52:15+02:00" level=info msg="(555f66b4f6a7455 ...
show more
http-probing - IP: 34.136.163.3 - time="2026-07-08T13:52:15+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 34.136.163.3 (US/396982) : 4h ban on Ip 34.136.163.3" module=db
show less
Web App Attack
๐บ๐ธ
ersei.net
2026-07-08 11:52:04
(15 hours ago)
Nonstop scanning with no cooldown or respect for 429.
Bad Web Bot
๐ณ๐ฑ
wlt-blocker
2026-07-08 11:49:26
(15 hours ago)
Unauthorized access to webpage admin
Web App Attack
๐ณ๐ฑ
BlueWire Hosting
2026-07-08 11:49:16
(15 hours ago)
Probing websites for vulnerabilities
Web App Attack