Anonymous
2026-07-14 11:16:06
(1 hour ago)
Web attack blocked by Wordfence on beeldentuinrolduc.nl (1 hit). Reported by CRMON.
Web App Attack
π¬π§
Mendip_Defender
2026-07-14 11:07:31
(1 hour ago)
34.14.53.188 - - [14/Jul/2026:12:07:19 +0100] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 1066 " ...
show more
34.14.53.188 - - [14/Jul/2026:12:07:19 +0100] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 1066 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.14.53.188 - - [14/Jul/2026:12:07:19 +0100] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 1066 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.14.53.188 - - [14/Jul/2026:12:07:19 +0100] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 1066 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
...
show less
Hacking
Web App Attack
πΊπΈ
lostswordfish.com
2026-07-14 11:02:05
(1 hour ago)
Wordfence waf block on baystatereentrynetwork
Web App Attack
π¨π
Ribeye375
2026-07-14 11:01:05
(1 hour ago)
HIPS rce-attempt - Block tcp/0:65535
Hacking
Web App Attack
πΊπΈ
infra-monitor
2026-07-14 11:00:06
(1 hour ago)
Automated ban via infra-monitor: wp-sensitive-paths, wordpress-probe
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-14 10:47:44
(2 hours ago)
(mod_security) mod_security (id:225170) triggered by 34.14.53.188 (188.53.14.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 34.14.53.188 (188.53.14.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 06:47:39.687303 2026] [security2:error] [pid 16466:tid 16466] [client 34.14.53.188:59143] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bennoyes.com.arsenaultartistmanagement.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bennoyes.com.arsenaultartistmanagement.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "alYTy2bT1tEFpPREHaRGtgAAACg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
Marc
2026-07-14 10:47:08
(2 hours ago)
34.14.53.188 - - [14/Jul/2026:12:47:04 +0200] "POST //xmlrpc.php HTTP/1.1" 200 1030 "-" "Mozilla/5.0 ...
show more
34.14.53.188 - - [14/Jul/2026:12:47:04 +0200] "POST //xmlrpc.php HTTP/1.1" 200 1030 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 34.14.53.188 - - [14/Jul/2026:12:47:07 +0200] "POST //2021//xmlrpc.php HTTP/1.1" 403 1342 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 34.14.53.188 - - [14/Jul/2026:12:47:06 +0200] "POST //xmlrpc.php HTTP/1.1" 200 3483 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
show less
Brute-Force
Web App Attack
π¬π§
bensmithurst
2026-07-14 10:46:53
(2 hours ago)
34.14.53.188 - - [14/Jul/2026:10:30:26 +0000] "" 400 0 "-" "-"
34.14.53.188 - - [14/Jul/2026:10:30:2 ...
show more
34.14.53.188 - - [14/Jul/2026:10:30:26 +0000] "" 400 0 "-" "-"
34.14.53.188 - - [14/Jul/2026:10:30:26 +0000] "" 400 0 "-" "-"
34.14.53.188 - - [14/Jul/2026:10:30:27 +0000] "" 400 0 "-" "-"
34.14.53.188 - - [14/Jul/2026:10:46:52 +0000] "" 400 0 "-" "-"
34.14.53.188 - - [14/Jul/2026:10:46:52 +0000] "" 400 0 "-" "-"
... [host=LAN***]
show less
Web App Attack
π³πΏ
Antinson
2026-07-14 10:37:15
(2 hours ago)
Scraping with a high error ratio and request rate
Bad Web Bot
πΊπ¦
URAN Publishing Service
2026-07-14 10:30:21
(2 hours ago)
34.14.53.188 - - [14/Jul/2026:13:30:20 +0300] "GET //wp-includes/ID3/license.txt HTTP/1.1" 404 4522 ...
show more
34.14.53.188 - - [14/Jul/2026:13:30:20 +0300] "GET //wp-includes/ID3/license.txt HTTP/1.1" 404 4522 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.14.53.188 - - [14/Jul/2026:13:30:20 +0300] "GET //xmlrpc.php?rsd HTTP/1.1" 404 712 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
...
show less
Web App Attack
π§πͺ
cmbplf
2026-07-14 10:30:15
(2 hours ago)
24.061 requests with url.path //xmlrpc.php
23.338 requests with url.path */xmlrpc.php
3.432 reque ...
show more
24.061 requests with url.path //xmlrpc.php
23.338 requests with url.path */xmlrpc.php
3.432 requests with url.path */wp-includes/wlwmanifest.xml
show less
Brute-Force
Bad Web Bot
π©πͺ
Vegascosmetics
2026-07-14 10:22:32
(2 hours ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after attack pattern. Vegas Security
Hacking
Web App Attack
π·πΊ
DZBOT
2026-07-14 10:20:50
(2 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
π©πͺ
Ba-Yu
2026-07-14 10:19:50
(2 hours ago)
WP-xmlrpc exploit
Web Spam
Blog Spam
Hacking
Exploited Host
Web App Attack
Anonymous
2026-07-14 10:18:26
(2 hours ago)
Detected by CrowdSec: crowdsecurity/http-probing
Web App Attack