๐ง๐ช
cmbplf
2026-07-10 16:33:52
(5 days ago)
654 requests with url.path */wp-includes/wlwmanifest.xml
Brute-Force
Bad Web Bot
Anonymous
2026-07-10 15:33:25
(5 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
mnsf
2026-07-10 15:05:18
(5 days ago)
Abuse Detected (12)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 14:52:48
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 34.82.203.184 (184.203.82.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 34.82.203.184 (184.203.82.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 10:52:41.793004 2026] [security2:error] [pid 17241:tid 17241] [client 34.82.203.184:54548] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.sbip.loneoakhoney.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sbip.loneoakhoney.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "alEHOa5ojgpSDF0QxfldLQAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
mondor.ro
2026-07-10 14:51:27
(5 days ago)
Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 34.82.203.184, Reason: ...
show more
Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 34.82.203.184, Reason:[(manifest) WordPress wlwmanifest.xml Attack 34.82.203.184 (US/United States/184.203.82.34.bc.googleusercontent.com): 10 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER; Logs:
show less
Port Scan
๐ฉ๐ช
ger-stg-sifi1
2026-07-10 14:45:12
(5 days ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
Anonymous
2026-07-10 14:43:45
(5 days ago)
Probe hitting //wp-includes/wlwmanifest.xml detected. Whatcha lookin for in there?!
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-07-10 14:41:30
(5 days ago)
WP-xmlrpc exploit
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 14:37:11
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 34.82.203.184 (184.203.82.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 34.82.203.184 (184.203.82.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 10:37:07.778116 2026] [security2:error] [pid 783:tid 783] [client 34.82.203.184:52262] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||coolcustomproducts.benshermanguitar.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "coolcustomproducts.benshermanguitar.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "alEDk02pr3abta5_yafUigAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
fds.io
2026-07-10 14:35:47
(5 days ago)
detected and blocked multiple http 400 bad-request attempts
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Savvii
2026-07-10 14:32:11
(5 days ago)
15 attempts against mh-modsecurity-ban on pf221107
Brute-Force
Web App Attack
๐บ๐ธ
directorioeducativo.com
2026-07-10 14:25:03
(5 days ago)
GET URL: "//xmlrpc.php"Agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, ...
show more
GET URL: "//xmlrpc.php"Agent: "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
show less
Web App Attack
Anonymous
2026-07-10 14:23:51
(5 days ago)
34.82.203.184 - - [10/Jul/2026:16:23:44 +0200] "GET / HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (Windows ...
show more
34.82.203.184 - - [10/Jul/2026:16:23:44 +0200] "GET / HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.82.203.184 - - [10/Jul/2026:16:23:44 +0200] "GET / HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.82.203.184 - - [10/Jul/2026:16:23:44 +0200] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.82.203.184 - - [10/Jul/2026:16:23:45 +0200] "GET /xmlrpc.php?rsd HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
34.82.203.184 - - [10/Jul/2026:16:23:45 +0200] "GET / HTTP/1.1" 403 12583 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.390
...
show less
Bad Web Bot
Web App Attack
๐ณ๐ฑ
WeCloudit-Anti-Abuse
2026-07-10 14:23:48
(5 days ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-probing
Web App Attack
Hacking
๐บ๐ธ
omc
2026-07-10 14:21:00
(5 days ago)
GET /wp-includes/wlwmanifest.xml [Q4].
Bad Web Bot