Automated WordPress reconnaissance / vulnerability scan. Single source enumerated wp-includes/wlwman ...
show moreAutomated WordPress reconnaissance / vulnerability scan. Single source enumerated wp-includes/wlwmanifest.xml across ~15 candidate subdirectories (/blog/, /web/, /wordpress/, /website/, /wp/, /news/, /2020/, /2019/, /shop/, /wp1/, /test/, /wp2/, /site/, /cms/, /sito/) within ~5 seconds, using leading double-slash paths (e.g. GET //blog/wp-includes/wlwmanifest.xml). Classic mass WordPress-discovery bot. Activity: 2026-07-08 06:28:18-06:28:23 CEST (UTC+2). All responses 404 - no WordPress present at probed paths.
show less
Automated WordPress reconnaissance / vulnerability scan. Single source enumerated wp-includes/wlwman ...
show moreAutomated WordPress reconnaissance / vulnerability scan. Single source enumerated wp-includes/wlwmanifest.xml across ~16 candidate subdirectories (/blog/, /web/, /wordpress/, /website/, /wp/, /news/, /2018/, /2019/, /shop/, /wp1/, /test/, /media/, /wp2/, /site/, /cms/, /sito/) within ~2 seconds, using leading double-slash paths (e.g. GET //blog/wp-includes/wlwmanifest.xml). Classic mass WordPress-discovery bot. Activity: 2026-07-06 02:46:41-02:46:43 CEST (UTC+2). All responses 404 - no WordPress present at probed paths.
show less
Automated Joomla Helix3 RCE / webshell attempt via python-requests/2.34.2. Sequence per pass: GET /t ...
show moreAutomated Joomla Helix3 RCE / webshell attempt via python-requests/2.34.2. Sequence per pass: GET /templates/shaper_helix3/templateDetails.xml (version fingerprint), POST /index.php?option=com_ajax&plugin=helix3&format=json, then GET for a randomly-named file such as /images/nuja5j.php.json?c=id across /, /images/, /cache/, /media/, /templates/shaper_helix3/ and .../layouts/. The c=id parameter attempts to execute the Unix 'id' command via a dropped shell. Random 6-char names rotated each pass (nuja5j, 3suhpl, fveoxu, s7js6h). Two bursts: 2026-07-06 15:06 and 18:59 CEST (UTC+2). All responses 302/403 - attempt failed.
show less
Automated Joomla Helix3 template exploitation / webshell probe. Repeated POST to /index.php?option=c ...
show moreAutomated Joomla Helix3 template exploitation / webshell probe. Repeated POST to /index.php?option=com_ajax&plugin=helix3&format=json followed by GET requests for 'cox.json' across multiple directories (/, /images/, /media/, /tmp/, /templates/) checking for a dropped webshell. User-Agent rotated per request (iPhone/Firefox/Chrome/Edge/Linux) from one source IP within ~20 seconds. Activity: 2026-07-08 02:55:49 to 02:56:12 CEST (UTC+2). All responses 301/302/403 - attempt failed.
show less
HackingBad Web BotWeb App Attack
By clicking “Accept all”, you agree to the storing of cookies on your device to remember preferences and
analyze site usage.
Read more
- Required to log into your AbuseIPDB account, and store these cookie preferences.