๐ญ๐บ
kranem
2026-07-10 15:00:09
(2 days ago)
Triggered Cloudflare WAF from US.
Action taken: BLOCK
ASN: 396982 (Google LLC)
Protocol: HTTP/1.1 (G ...
show more
Triggered Cloudflare WAF from US.
Action taken: BLOCK
ASN: 396982 (Google LLC)
Protocol: HTTP/1.1 (GET method)
Endpoint: /site/wp-includes/wlwmanifest.xml
Timestamp: 2026-07-10T14:31:52Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
show less
Bad Web Bot
๐บ๐ฆ
URAN Publishing Service
2026-07-10 14:55:26
(2 days ago)
34.182.233.217 - - [10/Jul/2026:17:55:24 +0300] "GET //wp-includes/ID3/license.txt HTTP/1.1" 404 450 ...
show more
34.182.233.217 - - [10/Jul/2026:17:55:24 +0300] "GET //wp-includes/ID3/license.txt HTTP/1.1" 404 4501 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.182.233.217 - - [10/Jul/2026:17:55:25 +0300] "GET //xmlrpc.php?rsd HTTP/1.1" 404 712 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
...
show less
Web App Attack
๐ฉ๐ช
LRob
2026-07-10 14:52:13
(2 days ago)
CrowdSec: lrob/wp-xmlrpc-bf | req: ["//xmlrpc.php"] | UA: ["Mozilla/5.0 (Windows NT 10.0; Win64; x64 ...
show more
CrowdSec: lrob/wp-xmlrpc-bf | req: ["//xmlrpc.php"] | UA: ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"]
show less
Brute-Force
Web App Attack
๐ฉ๐ช
thesimonmanuel
2026-07-10 14:41:44
(2 days ago)
34.182.233.217 - - [10/Jul/2026:20:11:38 +0530] "GET //wp-includes/ID3/license.txt HTTP/1.1" 200 139 ...
show more
34.182.233.217 - - [10/Jul/2026:20:11:38 +0530] "GET //wp-includes/ID3/license.txt HTTP/1.1" 200 1396 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "-"
show less
Web App Attack
๐ณ๐ฑ
WeCloudit-Anti-Abuse
2026-07-10 14:40:44
(2 days ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-probing
Web App Attack
Hacking
๐น๐ญ
thaizone.com
2026-07-10 14:37:14
(2 days ago)
Brute Force Attack on a Web Resources (probe) #1
DDoS Attack
Web Spam
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 14:35:22
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 34.182.233.217 (217.233.182.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:225170) triggered by 34.182.233.217 (217.233.182.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 10:35:17.959940 2026] [security2:error] [pid 3922898:tid 3922898] [client 34.182.233.217:51807] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.texascottagebakers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.texascottagebakers.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "alEDJecrddQ15O2E3bmCGAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-10 14:30:56
(2 days ago)
[10/Jul/2026:14:30:56 +0000] host=test.lovelyrender.com server=test.lovelyrender.com ip=34.182.233.2 ...
show more
[10/Jul/2026:14:30:56 +0000] host=test.lovelyrender.com server=test.lovelyrender.com ip=34.182.233.217 method=GET req=//wp-includes/ID3/license.txt uri=/index.php status=301 bytes=5 rt=0.071 urt=0.072 ref="-" ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
...
show less
Web App Attack
Bad Web Bot
๐ฎ๐น
VHosting
2026-07-10 14:30:04
(2 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ฉ๐ช
raph
2026-07-10 14:27:47
(2 days ago)
[Wordpress] crawler /wp-admin/*, /wp-content/*, etc.
Bad Web Bot
Web App Attack
๐บ๐ธ
brightenfield
2026-07-10 14:27:30
(2 days ago)
Web App Attack
Web App Attack
๐จ๐ญ
zynex
2026-07-10 14:27:03
(2 days ago)
URL Probing: /test/wp-includes/wlwmanifest.xml
Web App Attack
๐จ๐ญ
Origon
2026-07-10 14:21:38
(2 days ago)
http-probing - IP: 34.182.233.217 - time="2026-07-10T16:21:38+02:00" level=info msg="(555f66b4f6a74 ...
show more
http-probing - IP: 34.182.233.217 - time="2026-07-10T16:21:38+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 34.182.233.217 (US/396982) : 4h ban on Ip 34.182.233.217" module=db
show less
Web App Attack