π©πͺ
Vegascosmetics
2026-05-18 21:50:53
(1 month ago)
Kingcopy(AI-IDS):IP is Probing for Wordpress vulnerabilities WTF:Banned
Hacking
Bad Web Bot
Web App Attack
π¦πΉ
BerndG17
2026-05-18 09:14:00
(1 month ago)
again boring scan for media/wp-includes/wlwmanifest.xml etc. pp. β guys, don't use this outdated Mic ...
show more
again boring scan for media/wp-includes/wlwmanifest.xml etc. pp. β guys, don't use this outdated Microsoft stuff ...
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-18 08:36:11
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 34.82.208.77 (77.208.82.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 34.82.208.77 (77.208.82.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 04:36:06.140488 2026] [security2:error] [pid 19377:tid 19377] [client 34.82.208.77:55150] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||barriebrown.com.thephysicsroom.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "barriebrown.com.thephysicsroom.com"] [uri "/wordpress/wp-json/wp/v2/users/"] [unique_id "agrPdqBe_qb3fbvPa-Vk1gAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-05-18 08:36:00
(1 month ago)
(xmlrpc) Apache: Failed xmlrpc access from 34.82.208.77 (US/United States/77.208.82.34.bc.googleuser ...
show more
(xmlrpc) Apache: Failed xmlrpc access from 34.82.208.77 (US/United States/77.208.82.34.bc.googleusercontent.com): 10 in the last 3600 secs (0-201)
show less
Hacking
π¦πΊ
KevinNeale
2026-05-18 08:24:49
(1 month ago)
34.82.208.77 - - [18/May/2026:18:24:48 +1000] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 493 "- ...
show more
34.82.208.77 - - [18/May/2026:18:24:48 +1000] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 493 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
...
show less
Brute-Force
Web App Attack
π©πͺ
SCHAPPY
2026-05-18 08:20:36
(1 month ago)
Brute-force attack to identify web exploits
Brute-Force
Web App Attack
π«π·
dynamix
2026-05-18 08:18:12
(1 month ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
π«π·
breubit
2026-05-18 08:15:08
(1 month ago)
34.82.208.77 - - [18/May/2026:10:15:07 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 302 984 " ...
show more
34.82.208.77 - - [18/May/2026:10:15:07 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 302 984 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
...
show less
Web App Attack
π³πΏ
Antinson
2026-05-18 08:14:55
(1 month ago)
Scraping with a high error ratio and request rate
Bad Web Bot
π¨π
Origon
2026-05-18 08:12:10
(1 month ago)
http-probing - IP: 34.82.208.77 - time="2026-05-18T10:12:10+02:00" level=info msg="(555f66b4f6a7455 ...
show more
http-probing - IP: 34.82.208.77 - time="2026-05-18T10:12:10+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 34.82.208.77 (US/396982) : 4h ban on Ip 34.82.208.77" module=db
show less
Web App Attack
π³π±
Site.eu
2026-05-18 08:06:35
(1 month ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
π§πͺ
cmbplf
2026-05-18 08:03:31
(1 month ago)
149.511 requests in 1 hour (2mos3w6d)
Brute-Force
Bad Web Bot
π§πͺ
taivas.nl
2026-05-18 08:02:12
(1 month ago)
Bad_requests
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-05-18 08:02:06
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 34.82.208.77 (77.208.82.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 34.82.208.77 (77.208.82.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 04:02:01.624797 2026] [security2:error] [pid 2058:tid 2058] [client 34.82.208.77:53918] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||arapi.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "arapi.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "agrHeVVf6Sc138MDD6SXOAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π
backslash
2026-05-18 07:51:00
(1 month ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot