๐ซ๐ท
SpaceHost-Server
2026-07-13 22:30:35
(2 days ago)
Brute-Force
Web App Attack
Anonymous
2026-07-13 20:17:55
(2 days ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐ง๐ช
cmbplf
2026-07-13 16:04:34
(2 days ago)
7.578 requests in 1 hour (3mos1w5d)
Brute-Force
Bad Web Bot
๐ฉ๐ช
FeG Deutschland
2026-07-13 15:42:26
(2 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247
Exploited Host
Web App Attack
๐บ๐ธ
lostswordfish.com
2026-07-13 15:42:04
(2 days ago)
Wordfence waf block on flintlocal432
Web App Attack
๐จ๐ญ
backslash
2026-07-13 15:42:00
(2 days ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
Anonymous
2026-07-13 15:41:19
(2 days ago)
[ns65.kdns.gr] httpd-suspicious-path: sites=www.example.com; logs=/var/log/httpd/access_log; samples ...
show more
[ns65.kdns.gr] httpd-suspicious-path: sites=www.example.com; logs=/var/log/httpd/access_log; samples=/wp-includes/wlwmanifest.xml | /blog/wp-includes/wlwmanifest.xml | /web/wp-includes/wlwmanifest.xml
show less
Hacking
Web App Attack
๐ต๐ฑ
sefinek.net
2026-07-13 15:39:06
(2 days ago)
Triggered Cloudflare WAF (firewallCustom) from BE.
Action: BLOCK | Protocol: HTTP/1.1 (GET) | Endpoi ...
show more
Triggered Cloudflare WAF (firewallCustom) from BE.
Action: BLOCK | Protocol: HTTP/1.1 (GET) | Endpoint: //sito/wp-includes/wlwmanifest.xml | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฉ๐ช
macrob
2026-07-13 15:37:04
(2 days ago)
2026/07/13 15:37:00 [error] 3202981#3202981: *373117430 access forbidden by rule, client: 34.76.184. ...
show more
2026/07/13 15:37:00 [error] 3202981#3202981: *373117430 access forbidden by rule, client: 34.76.184.217, server: binixo.com, request: "GET //wp-includes/wlwmanifest.xml HTTP/2.0", host: "binixo.com"
2026/07/13 15:37:00 [error] 3202981#3202981: *373117440 access forbidden by rule, client: 34.76.184.217, server: binixo.com, request: "GET //xmlrpc.php?rsd HTTP/2.0", host: "binixo.com"
2026/07/13 15:37:02 [error] 3202984#3202984: *373117499 access forbidden by rule, client: 34.76.184.217, server: binixo.com, request: "GET //blog/wp-includes/wlwmanifest.xml HTTP/2.0", host: "binixo.com"
...
show less
Web App Attack
๐ท๐บ
DZBOT
2026-07-13 15:35:37
(2 days ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ฉ๐ช
mondor.ro
2026-07-13 15:30:47
(2 days ago)
Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 34.76.184.217, Reason: ...
show more
Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 34.76.184.217, Reason:[(manifest) WordPress wlwmanifest.xml Attack 34.76.184.217 (BE/Belgium/217.184.76.34.bc.googleusercontent.com): 10 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER; Logs:
show less
Port Scan
๐ฉ๐ช
LRob
2026-07-13 15:29:45
(2 days ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: //xmlrpc.php | UA: Mozilla/5.0 (Windows N ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: //xmlrpc.php | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
show less
Brute-Force
Web App Attack
๐ช๐ธ
pipeline.es
2026-07-13 15:27:20
(2 days ago)
Web scanning / probing for vulnerable paths | URL: //wp2/wp-includes/wlwmanifest.xml | Evidence: vid ...
show more
Web scanning / probing for vulnerable paths | URL: //wp2/wp-includes/wlwmanifest.xml | Evidence: vidatour.com.br 34.76.184.217 - - [13/Jul/2026:17:22:54 +0200] \"GET //wp2/wp-includes/wlwmanifest.xml HTTP/1.1\" 404 18890 \"-\" \"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36\" GEOIP_COUNTRY_CODE=BE | ASN: GOOGLE-CLOUD-PLATFORM | Country: BE
show less
Port Scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 15:25:39
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 34.76.184.217 (217.184.76.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 34.76.184.217 (217.184.76.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 11:25:35.536514 2026] [security2:error] [pid 4343:tid 4343] [client 34.76.184.217:64300] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||livingawakenedbook.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "livingawakenedbook.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "alUDb6C3husC4SWNCqxargAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-13 15:22:53
(2 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH