๐ณ๐ฑ
Site.eu
2026-07-13 13:51:41
(2 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
mnsf
2026-07-13 12:05:06
(2 days ago)
Too many Status 40X (14)
Brute-Force
Web App Attack
๐ง๐ช
cmbplf
2026-07-13 11:45:55
(2 days ago)
1.856 requests with url.path */wp-includes/wlwmanifest.xml
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-13 11:34:10
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 34.24.219.233 (233.219.24.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 34.24.219.233 (233.219.24.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 07:34:04.023336 2026] [security2:error] [pid 24533:tid 24533] [client 34.24.219.233:54692] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.fetchamreadingroom.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.fetchamreadingroom.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "alTNLPxgWeHQMhn2PkO_oAAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Hary74656
2026-07-13 11:28:37
(2 days ago)
[Mon Jul 13 13:28:29.129987 2026] [core:info] [pid 85567:tid 85652] [client 34.24.219.233:62045] AH0 ...
show more
[Mon Jul 13 13:28:29.129987 2026] [core:info] [pid 85567:tid 85652] [client 34.24.219.233:62045] AH00128: File does not exist: /home/harald/www/fehlende.info/blog/wp-includes/wlwmanifest.xml
...
show less
Bad Web Bot
๐ซ๐ฎ
KnightIndustries
2026-07-13 11:19:46
(2 days ago)
2026-07-13T13:19:44.381726+02:00 milkyway wordpress(fawcettcomputerservices.com)[3257904]: XML-RPC a ...
show more
2026-07-13T13:19:44.381726+02:00 milkyway wordpress(fawcettcomputerservices.com)[3257904]: XML-RPC authentication failure for joshua from 34.24.219.233
2026-07-13T13:19:45.043326+02:00 milkyway wordpress(fawcettcomputerservices.com)[3258207]: XML-RPC authentication failure for joshua from 34.24.219.233
2026-07-13T13:19:45.680054+02:00 milkyway wordpress(fawcettcomputerservices.com)[3258508]: XML-RPC authentication failure for joshua from 34.24.219.233
...
show less
Brute-Force
Web App Attack
๐จ๐ญ
Origon
2026-07-13 11:12:38
(2 days ago)
http-probing - IP: 34.24.219.233 - time="2026-07-13T13:12:38+02:00" level=info msg="(555f66b4f6a745 ...
show more
http-probing - IP: 34.24.219.233 - time="2026-07-13T13:12:38+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 34.24.219.233 (US/396982) : 4h ban on Ip 34.24.219.233" module=db
show less
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-13 11:10:23
(2 days ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ฎ๐ฑ
Dolphi
2026-07-13 11:10:11
(2 days ago)
POST //xmlrpc.php
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 11:09:05
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 34.24.219.233 (233.219.24.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 34.24.219.233 (233.219.24.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 07:09:00.801746 2026] [security2:error] [pid 8533:tid 8562] [client 34.24.219.233:59856] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.gemini.pe|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.gemini.pe"] [uri "/wp-json/wp/v2/users/"] [unique_id "alTHTNKbJ7fKKLAzhMW7mAAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-13 10:56:05
(2 days ago)
Bot / scanning and/or hacking attempts: POST //xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-07-13 10:53:37
(2 days ago)
Unauthorized access to webpage admin
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 10:52:57
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 34.24.219.233 (233.219.24.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 34.24.219.233 (233.219.24.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 06:52:50.855314 2026] [security2:error] [pid 32425:tid 32446] [client 34.24.219.233:58104] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.executiveconsultingpr.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.executiveconsultingpr.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "alTDglnO_8O0lEnVDuMZRQAAAU8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
abdubhai
2026-07-13 10:43:28
(2 days ago)
34.24.219.233 - - [13/Jul/2026:1
...
Brute-Force
๐ฉ๐ช
Skyrider
2026-07-13 10:42:38
(2 days ago)
Nginx: HTTP 4xx probe/scan attempts. Automated fail2ban report.
Bad Web Bot
Web App Attack