๐ฉ๐ช
HandyTreff.de
2026-07-06 15:56:43
(16 hours ago)
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -67.763 (Bad < -10 / Very Bad < -20 ...
show more
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -67.763 (Bad < -10 / Very Bad < -20 / Extreme < -35) | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Sa
show less
Web App Attack
Bad Web Bot
Anonymous
2026-07-01 11:33:10
(5 days ago)
Port scan on port 50284/UDP to unused IP
Port Scan
Anonymous
2026-07-01 02:36:04
(6 days ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
Anonymous
2026-06-28 10:41:29
(1 week ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
๐ฉ๐ช
Vegascosmetics
2026-06-20 16:28:19
(2 weeks ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security
DDoS Attack
Hacking
Exploited Host
Anonymous
2026-04-16 08:04:28
(2 months ago)
(wordpress) Failed wordpress login from 129.222.147.66 (KE/Kenya/customer.nrbiken1.isp.starlink.com)
Brute-Force
Anonymous
2026-04-16 05:03:02
(2 months ago)
2026-04-16 07:03:02 ERROR util.AccessViolations - 129.222.147.66 report to fail2ban - action: block
...
show more
2026-04-16 07:03:02 ERROR util.AccessViolations - 129.222.147.66 report to fail2ban - action: block
...
show less
Hacking
Brute-Force
Bad Web Bot
Anonymous
2026-04-13 03:13:05
(2 months ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ซ๐ท
dynamix
2026-04-13 01:23:20
(2 months ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-04-13 01:22:53
(2 months ago)
[redacted] 129.222.147.66 - - [13/Apr/2026:03:22:32 +0200] "POST /xmlrpc.php HTTP/1.1" 403 6596 "-" ...
show more
[redacted] 129.222.147.66 - - [13/Apr/2026:03:22:32 +0200] "POST /xmlrpc.php HTTP/1.1" 403 6596 "-" "WordPress.com; https://wordpress.com"
[redacted] 129.222.147.66 - - [13/Apr/2026:03:22:34 +0200] "POST /xmlrpc.php HTTP/1.1" 403 6641 "-" "Jetpack/12.5; WordPress/6.1; http://site98283999.com"
[redacted] 129.222.147.66 - - [13/Apr/2026:03:22:42 +0200] "POST /xmlrpc.php HTTP/1.1" 403 6641 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)"
[redacted] 129.222.147.66 - - [13/Apr/2026:03:22:45 +0200] "POST /xmlrpc.php HTTP/1.1" 403 6596 "-" "WordPress.com; https://wordpress.com"
[redacted] 129.222.147.66 - - [13/Apr/2026:03:22:53 +0200] "POST /xmlrpc.php HTTP/1.1" 403 6596 "-" "WordPress.com; https://wordpress.com"
...
show less
Hacking
Web App Attack
Anonymous
2026-04-12 04:36:38
(2 months ago)
DDoS botnet 510.000+ IPs; URL with bing/trustpilot/githubhelp and %C2%A4 or \xc2\xa4. NEW 09/2025: a ...
show more
DDoS botnet 510.000+ IPs; URL with bing/trustpilot/githubhelp and %C2%A4 or \xc2\xa4. NEW 09/2025: amplification attacks via third-parties e.g. HTTP_USER_AGENT facebookexternalhit/meta-externalagent/meta-externalfetcher or IPs from googleusercontent.com with fake HTTP_REFERER foxnews.com/newsweek.com/upwork.com/activision.com/... Port 443.
show less
DDoS Attack
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-11 18:07:28
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 129.222.147.66 (customer.nrbiken1.isp.starlink. ...
show more
(mod_security) mod_security (id:225170) triggered by 129.222.147.66 (customer.nrbiken1.isp.starlink.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 11 14:07:20.807262 2026] [security2:error] [pid 442881:tid 442881] [client 129.222.147.66:20098] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||speedysremodeling.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "speedysremodeling.com"] [uri "/wp-json/wp/v2/users"] [unique_id "adqN2PAQCLw1XJvQpqPWnAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-04-11 18:05:45
(2 months ago)
Xmlrpc Caught (6)
Brute-Force
Web App Attack
๐บ๐ธ
integrantservices.com
2026-04-11 16:57:04
(2 months ago)
(wordpress) Failed wordpress login from 129.222.147.66 (KE/Kenya/customer.nrbiken1.isp.starlink.com)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-04-11 16:32:49
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 129.222.147.66 (customer.nrbiken1.isp.starlink. ...
show more
(mod_security) mod_security (id:225170) triggered by 129.222.147.66 (customer.nrbiken1.isp.starlink.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 11 12:32:44.008902 2026] [security2:error] [pid 3225694:tid 3225694] [client 129.222.147.66:16370] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||londongroup.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "londongroup.info"] [uri "/wp-json/wp/v2/users"] [unique_id "adp3rHLUXUQoeQJoRFblSAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack