๐ฌ๐ง
openstrike.co.uk
2026-07-13 05:13:49
(2 days ago)
13 attacks on PHP URLs, Wordpress URLs:
GET //xmlrpc.php?rsd HTTP/1.1
GET //cms/wp-includes/wlwmanif ...
show more
13 attacks on PHP URLs, Wordpress URLs:
GET //xmlrpc.php?rsd HTTP/1.1
GET //cms/wp-includes/wlwmanifest.xml HTTP/1.1
show less
Web App Attack
๐ณ๐ฟ
Antinson
2026-07-12 13:28:02
(3 days ago)
Scraping with a high error ratio and request rate
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-12 13:18:08
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 34.62.161.95 (95.161.62.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 34.62.161.95 (95.161.62.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 09:18:03.960869 2026] [security2:error] [pid 8616:tid 8616] [client 34.62.161.95:57459] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||coolerboxes.greenlight.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "coolerboxes.greenlight.us"] [uri "/wp-json/wp/v2/users/"] [unique_id "alOUC_nH7BONIJPpscDuoQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐พ
lns.bz
2026-07-12 13:15:07
(3 days ago)
Too many 404 requests [BY]
Web App Attack
๐ซ๐ท
masterguru
2026-07-12 13:09:46
(3 days ago)
Too much 404 requests in 1 minute. Operator GE matched 20 at IP:block_script. (46020-131)
Hacking
Anonymous
2026-07-12 13:09:26
(3 days ago)
[redacted] 34.62.161.95 - - [12/Jul/2026:15:09:14 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "M ...
show more
[redacted] 34.62.161.95 - - [12/Jul/2026:15:09:14 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
[redacted] 34.62.161.95 - - [12/Jul/2026:15:09:15 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
[redacted] 34.62.161.95 - - [12/Jul/2026:15:09:16 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
[redacted] 34.62.161.95 - - [12/Jul/2026:15:09:17 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
[redacted] 34.62.161.95 - - [12/Jul/2026:15:09:18 +0200] "POST //xmlrpc.php HTTP/1.1" 200 416 "-
...
show less
Hacking
Web App Attack
Anonymous
2026-07-12 13:07:36
(3 days ago)
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-12 13:07:18
(3 days ago)
238.063 requests in 1 hour (2mos2w3d)
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-12 13:00:51
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 34.62.161.95 (95.161.62.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 34.62.161.95 (95.161.62.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 09:00:44.554856 2026] [security2:error] [pid 3635:tid 3653] [client 34.62.161.95:64096] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||colegiopiramide.edu.gt|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "colegiopiramide.edu.gt"] [uri "/wp-json/wp/v2/users/"] [unique_id "alOP_HAztZ8n6r4cFynfSgAAAE8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
CK_beats
2026-07-12 12:45:02
(3 days ago)
Blocked by os-abuseipdb on OPNsense firewall KN-FW01; 9 hits, proto=tcp, ports=80
Port Scan
Hacking
๐จ๐ณ
Zhengka.net
2026-07-12 12:31:11
(3 days ago)
zhengka.net security honeypot hit; jail=zhengka.net_honeypot; ip=34.62.161.95
Port Scan
Web App Attack
๐จ๐ญ
TheCoon
2026-07-12 12:30:01
(3 days ago)
Automated: Web tarpit scanner detected
Web App Attack
Hacking
๐ท๐บ
DZBOT
2026-07-12 12:26:47
(3 days ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ฉ๐ช
findlab
2026-07-12 12:25:01
(3 days ago)
Backdrop CMS module - malicious activity detected
Bad Web Bot
Web App Attack
Anonymous
2026-07-12 12:22:19
(3 days ago)
34.62.161.95 - - [12/Jul/2026:14:22:18 +0200] "GET //wp-includes/id3/license.txt/feed/ HTTP/1.1" 404 ...
show more
34.62.161.95 - - [12/Jul/2026:14:22:18 +0200] "GET //wp-includes/id3/license.txt/feed/ HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.62.161.95 - - [12/Jul/2026:14:22:19 +0200] "GET //wp-includes/id3/license.txt/xmlrpc.php?rsd HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.62.161.95 - - [12/Jul/2026:14:22:19 +0200] "GET //wp-includes/id3/license.txt/blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.62.161.95 - - [12/Jul/2026:14:22:19 +0200] "GET //wp-includes/id3/license.txt/web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
34.62.161.95 - - [12/Jul/2026:14:2
...
show less
Brute-Force
Web App Attack