๐บ๐ธ
mnsf
2026-06-25 21:32:08
(5 days ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐บ๐ธ
infra-monitor
2026-06-25 13:00:08
(6 days ago)
Automated ban via infra-monitor: wp-sensitive-paths, wordpress-probe, crowdsecurity/http-probing
Port Scan
Web App Attack
๐ง๐ช
cmbplf
2026-06-25 12:35:19
(6 days ago)
2.164 requests with url.path */wp-includes/wlwmanifest.xml
Brute-Force
Bad Web Bot
Anonymous
2026-06-25 12:31:48
(6 days ago)
34.58.158.79 - - [25/Jun/2026:14:31:46 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "- ...
show more
34.58.158.79 - - [25/Jun/2026:14:31:46 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.58.158.79 - - [25/Jun/2026:14:31:47 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.58.158.79 - - [25/Jun/2026:14:31:47 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.58.158.79 - - [25/Jun/2026:14:31:47 +0200] "GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.58.158.79 - - [25/Jun/2026:14:31:47 +0200] "GET /website/wp-includes/wlwmanifest.xml HTTP/1.1" 404
...
show less
Brute-Force
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-25 12:28:02
(6 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฎ๐น
madaello
2026-06-25 12:24:39
(6 days ago)
34.58.158.79 - - [25/Jun/2026:14:24:38 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 563 " ...
show more
34.58.158.79 - - [25/Jun/2026:14:24:38 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 563 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.58.158.79 - - [25/Jun/2026:14:24:38 +0200] "GET //xmlrpc.php?rsd HTTP/1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.58.158.79 - - [25/Jun/2026:14:24:38 +0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 563 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.58.158.79 - - [25/Jun/2026:14:24:38 +0200] "GET //web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 563 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.58.158.79 - - [25/Jun/2026:14:24:38 +0200] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 563 "-" "Mozill
...
show less
Port Scan
๐ณ๐ด
jad-abuse
2026-06-25 12:19:14
(6 days ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: xmlrpc. O ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: xmlrpc. Observed by 1 sensor(s); 18 hits.
show less
Brute-Force
Web App Attack
๐ต๐ฑ
strefapi_com
2026-06-25 12:16:46
(6 days ago)
Brute-force, web
...
Hacking
Brute-Force
Web App Attack
๐ฉ๐ช
Viveronese
2026-06-25 12:11:00
(6 days ago)
HTTP vulnerability scanning
Web App Attack
๐ณ๐ฑ
BlueWire Hosting
2026-06-25 12:09:57
(6 days ago)
Probing websites for vulnerabilities
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-25 12:09:42
(6 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247
Exploited Host
Web App Attack
Anonymous
2026-06-25 12:06:04
(6 days ago)
Trying to access config files
Web App Attack
๐ช๐ธ
pipeline.es
2026-06-25 12:02:36
(6 days ago)
Web scanning / probing for vulnerable paths | URL: //wp2/wp-includes/wlwmanifest.xml | Evidence: gea ...
show more
Web scanning / probing for vulnerable paths | URL: //wp2/wp-includes/wlwmanifest.xml | Evidence: geaweb.pt 34.58.158.79 - - [25/Jun/2026:13:59:53 +0200] \"GET //wp2/wp-includes/wlwmanifest.xml HTTP/1.1\" 404 20594 \"-\" \"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36\" GEOIP_COUNTRY_CODE=US | ASN: GOOGLE-CLOUD-PLATFORM | Country: US
show less
Port Scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 12:01:12
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 34.58.158.79 (79.158.58.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 34.58.158.79 (79.158.58.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 08:01:08.013917 2026] [security2:error] [pid 10059:tid 10096] [client 34.58.158.79:59404] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||greencitymethods.philacentric.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "greencitymethods.philacentric.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aj0YhM_mla6gaXUUqe0vMAAAAUg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-06-25 11:55:03
(6 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack