๐ฌ๐ง
thetomtaylor.co.uk
2026-07-15 17:08:01
(2 days ago)
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,ice02,mx01,mx02,m ...
show more
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,ice02,mx01,mx02,mx03,wa01,wa02]
show less
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-15 14:01:35
(2 days ago)
11.685 requests in 1 hour (1mo1w6d)
Brute-Force
Bad Web Bot
๐จ๐ญ
dalslab ltd
2026-07-15 13:45:55
(2 days ago)
34.73.175.44 - - [15/Jul/2026:15:45:53 +0200] "" 400 0 "-" "-"
[15/Jul/2026:15:45:54 +0200] - 404 40 ...
show more
34.73.175.44 - - [15/Jul/2026:15:45:53 +0200] "" 400 0 "-" "-"
[15/Jul/2026:15:45:54 +0200] - 404 404 - GET https converter.dalslab.com "//wp-includes/ID3/license.txt" [Client 34.73.175.44] [Length 9] [Gzip -] [Sent-to 10.1.1.229] "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "-"
[15/Jul/2026:15:45:54 +0200] - 404 404 - GET https converter.dalslab.com "//feed/" [Client 34.73.175.44] [Length 9] [Gzip -] [Sent-to 10.1.1.229] "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "-"
[15/Jul/2026:15:45:54 +0200] - 404 404 - GET https converter.dalslab.com "//xmlrpc.php?rsd" [Client 34.73.175.44] [Length 9] [Gzip -] [Sent-to 10.1.1.229] "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "-"
[15/Jul/2026:15:45:54 +0200] - 404 404 - GET https converter.dalslab.com "//blog/wp-includes/wlwmanifest.
...
show less
Web Spam
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 13:37:33
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 34.73.175.44 (44.175.73.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 34.73.175.44 (44.175.73.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 09:37:27.527412 2026] [security2:error] [pid 2658:tid 2658] [client 34.73.175.44:63618] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||consolidatedoperationsgroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "consolidatedoperationsgroup.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aleNF-IFII5Mu2VrXIiHnAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Lee Daniel
2026-07-15 13:37:11
(2 days ago)
34.73.175.44 - - [15/Jul/2026:09:37:08 -0400] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" ...
show more
34.73.175.44 - - [15/Jul/2026:09:37:08 -0400] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 28761 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.73.175.44 - - [15/Jul/2026:09:37:09 -0400] "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 28754 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.73.175.44 - - [15/Jul/2026:09:37:09 -0400] "GET //2020/wp-includes/wlwmanifest.xml HTTP/1.1" 404 28751 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.73.175.44 - - [15/Jul/2026:09:37:10 -0400] "GET //2019/wp-includes/wlwmanifest.xml HTTP/1.1" 404 28751 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.73.175.44 - - [15/Jul/2026:09:37:10 -0400] "GET //2021/wp-includes/wlwmanifest.xml HTT
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-07-15 13:34:07
(2 days ago)
34.73.175.44 - - [15/Jul/2026:16:34:06 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 683 "- ...
show more
34.73.175.44 - - [15/Jul/2026:16:34:06 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 683 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.73.175.44 - - [15/Jul/2026:16:34:07 +0300] "GET /xmlrpc.php?rsd HTTP/1.1" 404 683 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
...
show less
Web App Attack
๐ฉ๐ช
LRob
2026-07-15 13:26:34
(2 days ago)
CrowdSec: crowdsecurity/http-probing | req: /wp-includes/id3/license.txt/feed/ | 10 distinct paths | ...
show more
CrowdSec: crowdsecurity/http-probing | req: /wp-includes/id3/license.txt/feed/ | 10 distinct paths | UA: -
show less
Port Scan
Web App Attack
๐ฎ๐น
VHosting
2026-07-15 13:20:03
(2 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ณ๐ฑ
Savvii
2026-07-15 13:14:13
(2 days ago)
15 attempts against mh-modsecurity-ban on cmdb
Brute-Force
Web App Attack
๐บ๐ธ
Rip
2026-07-15 13:13:28
(2 days ago)
Automated recon attempt targeting restricted and sensitive paths.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 13:05:49
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 34.73.175.44 (44.175.73.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 34.73.175.44 (44.175.73.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 09:05:41.597497 2026] [security2:error] [pid 13386:tid 13462] [client 34.73.175.44:50657] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.clearwaterpumpservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.clearwaterpumpservices.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aleFpeKwVXg0fP1HBPl1sgAAAE8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2025-11-24 18:04:27
(7 months ago)
13.619 requests with url.path */xmlrpc.php
597 requests with url.path */wp-includes/wlwmanifest.xm ...
show more
13.619 requests with url.path */xmlrpc.php
597 requests with url.path */wp-includes/wlwmanifest.xml
show less
Brute-Force
Bad Web Bot
๐ฉ๐ช
akasolutions.de
2025-11-24 15:22:10
(7 months ago)
(wordpress) Failed wordpress login from 34.73.175.44 (US/United States/44.175.73.34.bc.googleusercon ...
show more
(wordpress) Failed wordpress login from 34.73.175.44 (US/United States/44.175.73.34.bc.googleusercontent.com)
show less
Brute-Force
๐ฎ๐น
VHosting
2025-11-24 15:20:09
(7 months ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ฉ๐ช
FeG Deutschland
2025-11-24 15:18:23
(7 months ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247
Exploited Host
Web App Attack