๐ฌ๐ง
openstrike.co.uk
2026-07-15 05:13:34
(3 days ago)
13 attacks on Wordpress URLs, PHP URLs:
GET //cms/wp-includes/wlwmanifest.xml HTTP/1.1
GET //xmlrpc. ...
show more
13 attacks on Wordpress URLs, PHP URLs:
GET //cms/wp-includes/wlwmanifest.xml HTTP/1.1
GET //xmlrpc.php?rsd HTTP/1.1
show less
Web App Attack
๐ง๐ช
cmbplf
2026-07-14 14:59:47
(4 days ago)
6.724 requests in 1 hour (3mos1w23h)
Brute-Force
Bad Web Bot
๐ท๐บ
DZBOT
2026-07-14 14:22:58
(4 days ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐จ๐ณ
Zhengka.net
2026-07-14 14:14:31
(4 days ago)
zhengka.net security honeypot hit; jail=zhengka.net_honeypot; ip=8.234.174.108
Port Scan
Web App Attack
๐ณ๐ฑ
thedreamer.nl
2026-07-14 14:11:38
(4 days ago)
8.234.174.108 - - [14/Jul/2026:16:11:13 +0200] "GET //wp-includes/ID3/license.txt HTTP/1.1" 404 555 ...
show more
8.234.174.108 - - [14/Jul/2026:16:11:13 +0200] "GET //wp-includes/ID3/license.txt HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "US" "Washington" "38.89400" "-77.03650"
8.234.174.108 - - [14/Jul/2026:16:11:13 +0200] "GET //feed/ HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "US" "Washington" "38.89400" "-77.03650"
8.234.174.108 - - [14/Jul/2026:16:11:13 +0200] "GET //xmlrpc.php?rsd HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "US" "Washington" "38.89400" "-77.03650"
8.234.174.108 - - [14/Jul/2026:16:11:13 +0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "US" "Washington" "38.8
...
show less
Brute-Force
Bad Web Bot
๐ฉ๐ช
ghostwarriors
2026-07-14 13:50:28
(4 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฑ
Dolphi
2026-07-14 13:50:12
(4 days ago)
POST //xmlrpc.php
Brute-Force
Web App Attack
๐ฉ๐ช
iNetWorker
2026-07-14 13:46:25
(4 days ago)
trolling for resource vulnerabilities
Web App Attack
๐ณ๐ฑ
WeCloudit-Anti-Abuse
2026-07-14 13:45:32
(4 days ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-probing
Web App Attack
Hacking
Anonymous
2026-07-14 13:44:55
(4 days ago)
[ssd5.kdns.gr] httpd-xmlrpc-post: sites=www.casa-ampia.gr; logs=/var/log/httpd/domains/casa-ampia.gr ...
show more
[ssd5.kdns.gr] httpd-xmlrpc-post: sites=www.casa-ampia.gr; logs=/var/log/httpd/domains/casa-ampia.gr.log; samples=//xmlrpc.php
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 13:43:27
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 8.234.174.108 (108.174.234.8.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 8.234.174.108 (108.174.234.8.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 09:43:23.116581 2026] [security2:error] [pid 23922:tid 23922] [client 8.234.174.108:52986] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||casaluzislamujeres.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "casaluzislamujeres.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "alY8-2n12CzgZvSZ4YmdCwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-14 13:42:04
(4 days ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐จ๐ญ
Origon
2026-07-14 13:41:49
(4 days ago)
http-probing - IP: 8.234.174.108 - time="2026-07-14T15:41:49+02:00" level=info msg="(555f66b4f6a745 ...
show more
http-probing - IP: 8.234.174.108 - time="2026-07-14T15:41:49+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 8.234.174.108 (US/396982) : 4h ban on Ip 8.234.174.108" module=db
show less
Web App Attack
๐บ๐ธ
Lee Daniel
2026-07-14 13:39:47
(4 days ago)
8.234.174.108 - - [14/Jul/2026:09:39:46 -0400] "GET //web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 ...
show more
8.234.174.108 - - [14/Jul/2026:09:39:46 -0400] "GET //web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 16969 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
8.234.174.108 - - [14/Jul/2026:09:39:46 -0400] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 16975 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
8.234.174.108 - - [14/Jul/2026:09:39:46 -0400] "GET //wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 16968 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
8.234.174.108 - - [14/Jul/2026:09:39:46 -0400] "GET //2020/wp-includes/wlwmanifest.xml HTTP/1.1" 404 16970 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
8.234.174.108 - - [14/Jul/2026:09:39:47 -0400] "GET //2019/wp-includes/wlwmanifest.xml
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
SiliSoftware
2026-07-14 13:35:28
(4 days ago)
/wp-includes/ID3/license.txt
Web App Attack