๐ซ๐ท
SpaceHost-Server
2026-07-16 22:27:23
(24 minutes ago)
Brute-Force
Web App Attack
๐ฉ๐ช
macrob
2026-07-16 13:55:23
(8 hours ago)
2026/07/16 13:55:18 [error] 3867855#3867855: *381344368 access forbidden by rule, client: 172.104.16 ...
show more
2026/07/16 13:55:18 [error] 3867855#3867855: *381344368 access forbidden by rule, client: 172.104.161.125, server: bin.partners, request: "GET /wp-includes/id3/license.txt/feed/ HTTP/2.0", host: "bin.partners"
2026/07/16 13:55:19 [error] 3867855#3867855: *381344402 access forbidden by rule, client: 172.104.161.125, server: bin.partners, request: "GET /wp-includes/id3/license.txt/xmlrpc.php?rsd HTTP/2.0", host: "bin.partners"
2026/07/16 13:55:20 [error] 3867859#3867859: *381344431 access forbidden by rule, client: 172.104.161.125, server: bin.partners, request: "GET /wp-includes/id3/license.txt/blog/wp-includes/wlwmanifest.xml HTTP/2.0", host: "bin.partners"
...
show less
Web App Attack
๐ฉ๐ช
kkwemi
2026-07-16 13:52:38
(8 hours ago)
Blocked by block-exploit-paths on /wp-includes/ID3/license.txt
Bad Web Bot
๐ซ๐ท
dynamix
2026-07-16 13:16:23
(9 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ธ๐ฎ
valryx
2026-07-16 12:58:37
(9 hours ago)
๐ก๏ธ Fail2ban - Jail: nginx-cms-exploits
Log entries:
172.104.161.125 - - [16/Jul/2026:12:58:36 +0000] ...
show more
๐ก๏ธ Fail2ban - Jail: nginx-cms-exploits
Log entries:
172.104.161.125 - - [16/Jul/2026:12:58:36 +0000] "GET /wp-includes/id3/license.txt/feed/ HTTP/1.1" 404 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
show less
Web App Attack
Anonymous
2026-07-16 11:48:31
(11 hours ago)
(wordpress) Failed wordpress login from 172.104.161.125 (SG/Singapore/172-104-161-125.ip.linodeuserc ...
show more
(wordpress) Failed wordpress login from 172.104.161.125 (SG/Singapore/172-104-161-125.ip.linodeusercontent.com)
show less
Brute-Force
๐บ๐ธ
KitsuneTech
2026-07-16 11:01:58
(11 hours ago)
172.104.161.125 - - [16/Jul/2026:06:01:58 -0500] "GET /xmlrpc.php?rsd HTTP/1.1" 301 286 "-" "Mozilla ...
show more
172.104.161.125 - - [16/Jul/2026:06:01:58 -0500] "GET /xmlrpc.php?rsd HTTP/1.1" 301 286 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
...
show less
Web App Attack
๐ฉ๐ช
Vegascosmetics
2026-07-16 08:46:44
(14 hours ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after attack pattern. Vegas Security
Hacking
Web App Attack
๐ต๐ฑ
sefinek.net
2026-07-16 03:48:02
(19 hours ago)
Triggered Cloudflare WAF (firewallCustom) from SG.
Action: BLOCK | Protocol: HTTP/1.1 (GET) | Endpoi ...
show more
Triggered Cloudflare WAF (firewallCustom) from SG.
Action: BLOCK | Protocol: HTTP/1.1 (GET) | Endpoint: //test/wp-includes/wlwmanifest.xml | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36 โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
Mundo Bueno
2026-07-16 03:41:45
(19 hours ago)
[ISILIA Protection v2.1] Tentative d'accรจs: /wp-json/wp/v2/users | Pays: SG | UA: Mozilla/5.0 (Windo ...
show more
[ISILIA Protection v2.1] Tentative d'accรจs: /wp-json/wp/v2/users | Pays: SG | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)
show less
Hacking
Web App Attack
๐บ๐ธ
Mundo Bueno
2026-07-16 02:57:10
(19 hours ago)
[ISILIA Protection v2.1] Tentative d'accรจs: //wp-includes/id3/license.txt | Pays: SG | UA: Mozilla/5 ...
show more
[ISILIA Protection v2.1] Tentative d'accรจs: //wp-includes/id3/license.txt | Pays: SG | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 02:27:38
(20 hours ago)
(mod_security) mod_security (id:225170) triggered by 172.104.161.125 (172-104-161-125.ip.linodeuserc ...
show more
(mod_security) mod_security (id:225170) triggered by 172.104.161.125 (172-104-161-125.ip.linodeusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 22:27:31.134793 2026] [security2:error] [pid 23109:tid 23109] [client 172.104.161.125:56526] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||prostar.industries|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "prostar.industries"] [uri "/wp-json/wp/v2/users/"] [unique_id "alhBk-4azYlsmD7-RtpV7QAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
Kitki30.com
2026-07-16 01:06:05
(21 hours ago)
HTTP Probing. Log: 172.104.161.125 - - [16/Jul/2026:01:06:04 +0000] "GET //xmlrpc.php?rsd HTTP/1.1" ...
show more
HTTP Probing. Log: 172.104.161.125 - - [16/Jul/2026:01:06:04 +0000] "GET //xmlrpc.php?rsd HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 00:55:40
(21 hours ago)
XSS Attempt
Hacking
๐ฆ๐บ
nzhost.co.nz
2026-07-15 22:40:50
(1 day ago)
$f2bV_matches
Hacking
Brute-Force