๐ณ๐ฑ
0xffffffff
2026-07-05 14:42:31
(10 hours ago)
[2026-07-05 17:42:29.848101] [authz_core:error] [pid 1524679:tid 129086853371584] [client 34.141.137 ...
show more
[2026-07-05 17:42:29.848101] [authz_core:error] [pid 1524679:tid 129086853371584] [client 34.141.137.17:0] AH01630: client denied by server configuration: /var/www/*/wp-includes/ID3/license.txt , error_notes:double-slash , URI:'/wp-includes/ID3/license.txt'
[2026-07-05 17:42:29.876392] [authz_core:error] [pid 1524678:tid 129086945863360] [client 34.141.137.17:0] AH01630: client denied by server configuration: /var/www/*/feed , error_notes:double-slash , URI:'/feed/'
[2026-07-05 17:42:29.962621] [authz_core:error] [pid 1524679:tid 129087021397696] [client 34.141.137.17:0] AH01630: client denied by server configuration: /var/www/*/xmlrpc.php , error_notes:double-slash , URI:'/xmlrpc.php?rsd'
[2026-07-05 17:42:29.984806] [authz_core:error] [pid 1524678:tid 129086971041472] [client 34.141.137.17:0] AH01630: client denied by server configuration: /var/www/*/blog , error_notes:double-slash , URI:'/blog/wp-includes/wlwmanifest.xml'
[2026-07-05 17:42:30.022938] [authz_core:error] [pid 1524679:tid 129086962648768] [cl
show less
Web App Attack
Bad Web Bot
๐ณ๐ฑ
Savvii
2026-07-05 14:41:07
(10 hours ago)
10 attempts against mh_ha-misc-ban on beach
Brute-Force
Web App Attack
๐ฌ๐ง
pinguin
2026-07-05 14:38:06
(10 hours ago)
Triggered Cloudflare WAF (firewallManaged) from NL.
Action taken: LOG
Protocol: HTTP/1.1 (GET method ...
show more
Triggered Cloudflare WAF (firewallManaged) from NL.
Action taken: LOG
Protocol: HTTP/1.1 (GET method)
Endpoint: //cms/wp-includes/wlwmanifest.xml
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฉ๐ช
strxmpp
2026-07-05 14:34:42
(10 hours ago)
34.141.137.17 - - [05/Jul/2026:16:34:41 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 539 " ...
show more
34.141.137.17 - - [05/Jul/2026:16:34:41 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 539 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
...
show less
Bad Web Bot
๐ฉ๐ช
NihiliousMonk
2026-07-05 14:34:04
(10 hours ago)
Fail2Ban report from jail npm-scanners
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-05 14:31:35
(10 hours ago)
43.361 requests with url.path */xmlrpc.php
43.287 requests with url.path //xmlrpc.php
2.576 reque ...
show more
43.361 requests with url.path */xmlrpc.php
43.287 requests with url.path //xmlrpc.php
2.576 requests with url.path */wp-includes/wlwmanifest.xml
show less
Brute-Force
Bad Web Bot
๐จ๐ญ
backslash
2026-07-05 14:21:00
(10 hours ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐ฉ๐ช
big-cloud.nl
2026-07-05 14:12:56
(11 hours ago)
Try to access /xmlrpc.php?rsd
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 14:12:01
(11 hours ago)
(mod_security) mod_security (id:225170) triggered by 34.141.137.17 (17.137.141.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 34.141.137.17 (17.137.141.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 10:11:53.767258 2026] [security2:error] [pid 5563:tid 5563] [client 34.141.137.17:65167] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||promoadvocate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "promoadvocate.com"] [uri "/blog/wp-json/wp/v2/users/"] [unique_id "akpmKfUI5IhsDr3XWe8hkQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
Francisco Vallejo
2026-07-05 14:09:52
(11 hours ago)
[Sun Jul 05 16:09:51.483598 2026] [authz_core:error] [pid 2052737:tid 129641146730176] [client 34.14 ...
show more
[Sun Jul 05 16:09:51.483598 2026] [authz_core:error] [pid 2052737:tid 129641146730176] [client 34.141.137.17:64377] AH01630: client denied by server configuration: proxy:https://localhost:9090/wp-includes/ID3/license.txt
[Sun Jul 05 16:09:51.534936 2026] [authz_core:error] [pid 2052737:tid 129640140097216] [client 34.141.137.17:64377] AH01630: client denied by server configuration: proxy:https://localhost:9090/feed/
[Sun Jul 05 16:09:51.609851 2026] [authz_core:error] [pid 2052737:tid 129640744076992] [client 34.141.137.17:64377] AH01630: client denied by server configuration: proxy:https://localhost:9090/xmlrpc.php
[Sun Jul 05 16:09:51.648774 2026] [authz_core:error] [pid 2052737:tid 129640131704512] [client 34.141.137.17:64377] AH01630: client denied by server configuration: proxy:https://localhost:9090/blog/wp-includes/wlwmanifest.xml
[Sun Jul 05 16:09:51.705674 2026] [authz_core:error] [pid 2052737:tid 129641155122880] [client 34.141.137.17:64377] AH01630: client denied by server c
...
show less
Brute-Force
SSH
๐ฉ๐ช
Ba-Yu
2026-07-05 14:07:06
(11 hours ago)
WP-xmlrpc exploit
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-07-05 14:07:06
(11 hours ago)
Unauthorized access to webpage admin
Web App Attack
Anonymous
2026-07-05 14:04:12
(11 hours ago)
Attac
Brute-Force
๐จ๐ญ
lufi
2026-07-05 14:02:16
(11 hours ago)
2026-07-05 16:02:16 34.141.137.17: blacklisted Pattern: wp-includes/
...
Web Spam
Brute-Force
Hacking
Web App Attack
๐ฎ๐ฉ
Burayot
2026-07-05 14:00:26
(11 hours ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 34.141.137.17 (17.137.141.34.bc.goo ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 34.141.137.17 (17.137.141.34.bc.googleusercontent.com): 1 in the last 3600 secs
show less
Web App Attack