๐ฌ๐ง
openstrike.co.uk
2025-11-04 06:12:58
(8 months ago)
17 attacks on PHP URLs, Wordpress URLs:
GET /xmlrpc.php?rsd HTTP/1.1
GET /sito/wp-includes/wlwmanife ...
show more
17 attacks on PHP URLs, Wordpress URLs:
GET /xmlrpc.php?rsd HTTP/1.1
GET /sito/wp-includes/wlwmanifest.xml HTTP/1.1
show less
Web App Attack
๐ฌ๐ง
[email protected]
2025-11-04 00:52:31
(8 months ago)
...
Brute-Force
SSH
๐ซ๐ท
Murazaki
2025-11-03 23:03:26
(8 months ago)
34.169.195.51 - - [03/Nov/2025:13:54:25 +0100] "" 400 0 "-" "-" "-"
...
Hacking
๐บ๐ธ
mnsf
2025-11-03 14:05:21
(8 months ago)
Too many Status 40X (14)
Brute-Force
Web App Attack
๐ฉ๐ช
on-com
2025-11-03 13:51:01
(8 months ago)
URL scan
Brute-Force
Web App Attack
๐ฉ๐ช
OiledAmoeba
2025-11-03 13:48:50
(8 months ago)
34.169.195.51 - - [03/Nov/2025:14:48:30 +0100] "www.ruhnke.cloud" "POST //xmlrpc.php HTTP/1.1" 200 4 ...
show more
34.169.195.51 - - [03/Nov/2025:14:48:30 +0100] "www.ruhnke.cloud" "POST //xmlrpc.php HTTP/1.1" 200 473 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-" 1.744
34.169.195.51 - - [03/Nov/2025:14:48:31 +0100] "www.ruhnke.cloud" "POST //xmlrpc.php HTTP/1.1" 200 473 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-" 0.394
34.169.195.51 - - [03/Nov/2025:14:48:31 +0100] "www.ruhnke.cloud" "POST //xmlrpc.php HTTP/1.1" 200 473 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-" 0.450
34.169.195.51 - - [03/Nov/2025:14:48:33 +0100] "www.ruhnke.cloud" "POST //xmlrpc.php HTTP/1.1" 200 473 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-" 0.916
34.169.195.51 - - [03/Nov/2025:14:48:34 +0100] "www.ruhn
...
show less
Brute-Force
๐ฉ๐ช
Hary74656
2025-11-03 13:48:40
(8 months ago)
[Mon Nov 03 14:48:32.156604 2025] [core:info] [pid 101711:tid 101888] [client 34.169.195.51:56177] A ...
show more
[Mon Nov 03 14:48:32.156604 2025] [core:info] [pid 101711:tid 101888] [client 34.169.195.51:56177] AH00128: File does not exist: /home/harald/www/blog/wp-includes/wlwmanifest.xml
...
show less
Bad Web Bot
๐ฎ๐ฉ
Burayot
2025-11-03 13:35:31
(8 months ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 34.169.195.51 (US/United States/51. ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 34.169.195.51 (US/United States/51.195.169.34.bc.googleusercontent.com): 1 in the last 3600 secs
show less
Web App Attack
๐ท๐ด
INTEQ
2025-11-03 13:34:02
(8 months ago)
Web attack from 34.169.195.51
Web App Attack
๐ง๐ช
cmbplf
2025-11-03 13:28:14
(8 months ago)
45.599 requests with url.path */xmlrpc.php
2.462 requests with url.path */wp-includes/wlwmanifest. ...
show more
45.599 requests with url.path */xmlrpc.php
2.462 requests with url.path */wp-includes/wlwmanifest.xml
show less
Brute-Force
Bad Web Bot
๐ง๐พ
lns.bz
2025-11-03 13:23:16
(8 months ago)
Too many 404 requests [BY]
Web App Attack
๐ฎ๐น
VHosting
2025-11-03 13:20:08
(8 months ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ซ๐ฎ
as211431.net
2025-11-03 13:12:08
(8 months ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /site/wp-includes/wlwmanifest.xml
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ซ๐ฎ
abdubhai
2025-11-03 13:09:33
(8 months ago)
34.169.195.51 - - [03/Nov/2025:1
...
Brute-Force
๐บ๐ธ
TPI-Abuse
2025-11-03 13:07:55
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 34.169.195.51 (51.195.169.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 34.169.195.51 (51.195.169.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 03 08:07:49.472222 2025] [security2:error] [pid 31278:tid 31278] [client 34.169.195.51:60994] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.indiahouseportland.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.indiahouseportland.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aQipJeHCsXJg0htdBPdsewAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack