πΊπΈ
lostswordfish.com
2026-07-08 13:06:03
(10 hours ago)
Wordfence waf block on fairregistry
Web App Attack
πΊπΈ
n2nguyenn2nguyen
2026-07-08 12:38:34
(10 hours ago)
Blocked by YFC Security on https://fencingforward.com β type: xmlrpc_attempts
Brute-Force
Web App Attack
π©πͺ
BlueWire Hosting
2026-07-08 12:37:44
(10 hours ago)
Probing websites for vulnerabilities
Web App Attack
SQL Injection
πΊπΈ
kosada.com
2026-07-08 12:22:57
(10 hours ago)
Web vulnerability probing: /wp-includes/id3/license.txt/web/wp-includes/wlwmanifest.xml
Web App Attack
π©πͺ
rh24
2026-07-08 12:20:52
(10 hours ago)
(wordpress) Failed wordpress login from 34.145.175.105 (US/United States/105.175.145.34.bc.googleuse ...
show more
(wordpress) Failed wordpress login from 34.145.175.105 (US/United States/105.175.145.34.bc.googleusercontent.com): (CF_ENABLE)
show less
Brute-Force
Anonymous
2026-07-08 12:09:01
(11 hours ago)
[redacted] 34.145.175.105 - - [08/Jul/2026:14:08:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" " ...
show more
[redacted] 34.145.175.105 - - [08/Jul/2026:14:08:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
[redacted] 34.145.175.105 - - [08/Jul/2026:14:08:55 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
[redacted] 34.145.175.105 - - [08/Jul/2026:14:08:55 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
[redacted] 34.145.175.105 - - [08/Jul/2026:14:08:56 +0200] "POST /xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
[redacted] 34.145.175.105 - - [08/Jul/2026:14:08:57 +0200] "POST /xmlrpc
...
show less
Hacking
Web App Attack
π·πΊ
green_elephant
2026-07-08 12:07:39
(11 hours ago)
ET SCAN WordPress Scanner Performing Multiple Requests to Windows Live Writer XML (34.145.175.105:62 ...
show more
ET SCAN WordPress Scanner Performing Multiple Requests to Windows Live Writer XML (34.145.175.105:62548 -> port 80) | packets: 12
show less
Port Scan
Brute-Force
SSH
π§πͺ
cmbplf
2026-07-08 12:05:35
(11 hours ago)
19.347 requests in 1 hour (2mos2w6d)
Brute-Force
Bad Web Bot
πΊπΈ
mnsf
2026-07-08 12:05:13
(11 hours ago)
Too many Status 40X (12)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-08 11:59:03
(11 hours ago)
(mod_security) mod_security (id:225170) triggered by 34.145.175.105 (105.175.145.34.bc.googleusercon ...
show more
(mod_security) mod_security (id:225170) triggered by 34.145.175.105 (105.175.145.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 07:58:59.820455 2026] [security2:error] [pid 2583:tid 2583] [client 34.145.175.105:62614] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||emhelectric.com.pjvcds.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "emhelectric.com.pjvcds.com"] [uri "/wordpress/wp-json/wp/v2/users/"] [unique_id "ak47g94AtCvFTrLXMpHq8gAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¬π§
bensmithurst
2026-07-08 11:55:27
(11 hours ago)
34.145.175.105 - - [08/Jul/2026:11:48:04 +0000] "" 400 0 "-" "-"
34.145.175.105 - - [08/Jul/2026:11: ...
show more
34.145.175.105 - - [08/Jul/2026:11:48:04 +0000] "" 400 0 "-" "-"
34.145.175.105 - - [08/Jul/2026:11:48:05 +0000] "" 400 0 "-" "-"
34.145.175.105 - - [08/Jul/2026:11:48:07 +0000] "" 400 0 "-" "-"
34.145.175.105 - - [08/Jul/2026:11:55:26 +0000] "" 400 0 "-" "-"
34.145.175.105 - - [08/Jul/2026:11:55:27 +0000] "" 400 0 "-" "-"
... [host=LAN***]
show less
Web App Attack
Anonymous
2026-07-08 11:55:16
(11 hours ago)
34.145.175.105 - - [08/Jul/2026:13:55:14 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 555 ...
show more
34.145.175.105 - - [08/Jul/2026:13:55:14 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.145.175.105 - - [08/Jul/2026:13:55:15 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.145.175.105 - - [08/Jul/2026:13:55:15 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.145.175.105 - - [08/Jul/2026:13:55:15 +0200] "GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.145.175.105 - - [08/Jul/2026:13:55:16 +0200] "GET /wp/wp-includes/wlwmanifest.xml HTTP/1.1" 40
...
show less
Brute-Force
Web App Attack
Anonymous
2026-07-08 11:50:05
(11 hours ago)
Bot / scanning and/or hacking attempts: POST //xmlrpc.php HTTP/1.1
Hacking
Web App Attack
π¨π
backslash
2026-07-08 11:48:00
(11 hours ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
Anonymous
2026-07-08 11:38:49
(11 hours ago)
[redacted] 34.145.175.105 - - [08/Jul/2026:13:38:35 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" ...
show more
[redacted] 34.145.175.105 - - [08/Jul/2026:13:38:35 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
[redacted] 34.145.175.105 - - [08/Jul/2026:13:38:36 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
[redacted] 34.145.175.105 - - [08/Jul/2026:13:38:38 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
[redacted] 34.145.175.105 - - [08/Jul/2026:13:38:39 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
[redacted] 34.145.175.105 - - [08/Jul/2026:13:38:41 +0200] "POST //xmlrpc.php
...
show less
Hacking
Web App Attack