Anonymous
2026-06-30 13:06:04
(1 hour ago)
Trying to access config files
Web App Attack
๐บ๐ธ
Lee Daniel
2026-06-30 12:56:22
(1 hour ago)
34.19.53.110 - - [30/Jun/2026:08:56:20 -0400] "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 20 ...
show more
34.19.53.110 - - [30/Jun/2026:08:56:20 -0400] "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 20506 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.19.53.110 - - [30/Jun/2026:08:56:21 -0400] "GET //2020/wp-includes/wlwmanifest.xml HTTP/1.1" 404 20512 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.19.53.110 - - [30/Jun/2026:08:56:21 -0400] "GET //2019/wp-includes/wlwmanifest.xml HTTP/1.1" 404 20512 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.19.53.110 - - [30/Jun/2026:08:56:21 -0400] "GET //2021/wp-includes/wlwmanifest.xml HTTP/1.1" 404 20512 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.19.53.110 - - [30/Jun/2026:08:56:21 -0400] "GET //shop/wp-includes/wlwmanifest.xml HTTP/1.1
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
pinguin
2026-06-30 12:54:53
(1 hour ago)
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/1.1 (GET method ...
show more
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/1.1 (GET method)
Endpoint: //cms/wp-includes/wlwmanifest.xml
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-30 12:46:22
(1 hour ago)
(mod_security) mod_security (id:225170) triggered by 34.19.53.110 (110.53.19.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 34.19.53.110 (110.53.19.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 08:46:16.562922 2026] [security2:error] [pid 11052:tid 11052] [client 34.19.53.110:64064] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kerrywoodandson.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kerrywoodandson.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akO6mPYNSXTQeWpIRk3pJQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
zynex
2026-06-30 12:40:04
(1 hour ago)
URL Probing: /xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 12:21:35
(2 hours ago)
(mod_security) mod_security (id:225170) triggered by 34.19.53.110 (110.53.19.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 34.19.53.110 (110.53.19.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 08:21:30.101159 2026] [security2:error] [pid 11778:tid 11778] [client 34.19.53.110:59881] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jonleefamily.brushmileage.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jonleefamily.brushmileage.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "akO0ypnekO3SLlOS0-yX4wAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-30 12:13:45
(2 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฉ๐ช
abdubhai
2026-06-30 12:06:14
(2 hours ago)
34.19.53.110 - - [30/Jun/2026:16
...
Brute-Force
๐บ๐ธ
mnsf
2026-06-30 12:05:42
(2 hours ago)
Too many Status 40X (11)
Brute-Force
Web App Attack
๐ท๐บ
DZBOT
2026-06-30 12:03:58
(2 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 12:03:14
(2 hours ago)
(mod_security) mod_security (id:225170) triggered by 34.19.53.110 (110.53.19.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 34.19.53.110 (110.53.19.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 08:03:08.781638 2026] [security2:error] [pid 15999:tid 15999] [client 34.19.53.110:54074] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.ixd.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.ixd.net"] [uri "/wp-json/wp/v2/users/"] [unique_id "akOwfANT_ysV6FqejD9lmwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
BlueWire Hosting
2026-06-30 11:50:58
(2 hours ago)
Probing websites for vulnerabilities
Web App Attack
SQL Injection
Anonymous
2026-06-30 11:46:31
(2 hours ago)
34.19.53.110 - - [30/Jun/2026:13:46:28 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 567 "- ...
show more
34.19.53.110 - - [30/Jun/2026:13:46:28 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.19.53.110 - - [30/Jun/2026:13:46:29 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.19.53.110 - - [30/Jun/2026:13:46:30 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.19.53.110 - - [30/Jun/2026:13:46:30 +0200] "GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.19.53.110 - - [30/Jun/2026:13:46:30 +0200] "GET /wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 567 "-"
...
show less
Brute-Force
Web App Attack
Anonymous
2026-06-30 11:43:45
(2 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ฎ๐ฑ
Dolphi
2026-06-30 11:42:14
(2 hours ago)
POST //xmlrpc.php
Brute-Force
Web App Attack