๐ฌ๐ง
SCLwebadministrator
2026-07-07 16:37:00
(3 hours ago)
Bruteforce WordPress logins detected with Loginizer
Brute-Force
Web App Attack
Hacking
๐ฉ๐ช
dbmwebdesign
2026-07-07 14:10:19
(5 hours ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
๐ซ๐ท
LRob
2026-07-07 14:06:51
(5 hours ago)
CrowdSec: lrob/wp-login-slow-bf | req: ["/wp-login.php"] | UA: ["Mozilla/5.0 (X11; Ubuntu; Linux x86 ...
show more
CrowdSec: lrob/wp-login-slow-bf | req: ["/wp-login.php"] | UA: ["Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0","Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101
show less
Brute-Force
Web App Attack
๐ซ๐ท
Tilellit.PRO
2026-07-07 14:03:33
(5 hours ago)
WP Armour Plugin detection
Web Spam
Brute-Force
๐ฉ๐ช
Prodscape
2026-07-07 14:02:58
(5 hours ago)
(WPLOGIN) WP Login Attack 132.148.77.38 (US/United States/38.77.148.132.host.secureserver.net): 5 in ...
show more
(WPLOGIN) WP Login Attack 132.148.77.38 (US/United States/38.77.148.132.host.secureserver.net): 5 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER
show less
Port Scan
๐บ๐ธ
jormaster3k
2026-07-07 14:01:20
(6 hours ago)
Attack against WordPress
Web App Attack
๐ฉ๐ช
DocNetzwerk
2026-07-07 14:00:55
(6 hours ago)
(wordpress) Failed wordpress login from 132.148.77.38 (US/United States/38.77.148.132.host.secureser ...
show more
(wordpress) Failed wordpress login from 132.148.77.38 (US/United States/38.77.148.132.host.secureserver.net)
show less
Brute-Force
๐ฉ๐ช
Marc
2026-07-07 13:36:05
(6 hours ago)
132.148.77.38 - - [07/Jul/2026:13:39:42 +0200] "GET /wp-login.php HTTP/2.0" 200 3328 "-" "Mozilla/5. ...
show more
132.148.77.38 - - [07/Jul/2026:13:39:42 +0200] "GET /wp-login.php HTTP/2.0" 200 3328 "-" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 132.148.77.38 - - [07/Jul/2026:13:39:43 +0200] "POST /wp-login.php HTTP/2.0" 200 3240 "https://fachanwaelte-iserlohn.de/wp-login.php" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 132.148.77.38 - - [07/Jul/2026:13:51:07 +0200] "GET /wp-login.php HTTP/2.0" 200 3926 "https://weiss-blau-hemer.de/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_7_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" 132.148.77.38 - - [07/Jul/2026:15:31:22 +0200] "GET /wp-login.php HTTP/2.0" 200 3926 "https://weiss-blau-hemer.de/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15" 132.148.77.38 - - [07/Jul/2026:15:36:04 +0200] "GET /wp-login.php HTTP/2.0" 200 3925 "https://weiss-bl
show less
Brute-Force
Web App Attack
๐บ๐ธ
TAY
2026-07-07 13:36:04
(6 hours ago)
132.148.77.38 - - [07/Jul/2026:21:27:24 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6263 "-" "Mozilla/5.0 ...
show more
132.148.77.38 - - [07/Jul/2026:21:27:24 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6263 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0"
132.148.77.38 - - [07/Jul/2026:21:33:55 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6323 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
132.148.77.38 - - [07/Jul/2026:21:36:02 +0800] "POST /wp-login.php HTTP/1.1" 200 2615 "https://littleprairie.com.my/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_7_10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
...
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-07 13:30:23
(6 hours ago)
(mod_security) mod_security (id:225170) triggered by 132.148.77.38 (38.77.148.132.host.secureserver. ...
show more
(mod_security) mod_security (id:225170) triggered by 132.148.77.38 (38.77.148.132.host.secureserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 09:30:19.046817 2026] [security2:error] [pid 24607:tid 24611] [client 132.148.77.38:60594] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||hmpdecors.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hmpdecors.com"] [uri "/wp-json/wp/v2/users/me"] [unique_id "akz_a4pVs4WD6qYu0N3vPQAAAIA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
cwytech
2026-07-07 13:28:57
(6 hours ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wordpress-login-lockdown-high.
Bad Web Bot
Web App Attack
๐บ๐ธ
Victor Lรณpez
2026-07-07 13:27:20
(6 hours ago)
s8.digitalhypepro.com 132.148.77.38 - - [07/Jul/2026:08:26:57 -0500] "GET /wp-login.php HTTP/2.0" 20 ...
show more
s8.digitalhypepro.com 132.148.77.38 - - [07/Jul/2026:08:26:57 -0500] "GET /wp-login.php HTTP/2.0" 200 3231 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
s8.digitalhypepro.com 132.148.77.38 - - [07/Jul/2026:08:26:59 -0500] "POST /wp-login.php HTTP/2.0" 200 3404 "https://s8.digitalhypepro.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
www.longfisolutions.com 132.148.77.38 - - [07/Jul/2026:08:27:19 -0500] "GET /xmlrpc.php HTTP/2.0" 200 3205 "https://longfisolutions.com/xmlrpc.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
...
show less
Hacking
Web App Attack
๐ฉ๐ช
london2038.com
2026-07-07 13:23:36
(6 hours ago)
Attacking WordPress
132.148.77.38 - - [07/Jul/2026:15:23:31 +0200] "POST /xmlrpc.php HTTP/2.0" 503 1 ...
show more
Attacking WordPress
132.148.77.38 - - [07/Jul/2026:15:23:31 +0200] "POST /xmlrpc.php HTTP/2.0" 503 18945 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0"
show less
Brute-Force
Web App Attack
๐ญ๐บ
szasa
2026-07-07 13:22:28
(6 hours ago)
2026/07/07 15:10:00 [error] 4177413#4177413: *907581 access forbidden by rule, client: 132.148.77.38 ...
show more
2026/07/07 15:10:00 [error] 4177413#4177413: *907581 access forbidden by rule, client: 132.148.77.38, server: datamentor.hu, request: "GET /wp-login.php HTTP/2.0", host: "beszerzokozpont.hu"
2026/07/07 15:10:01 [error] 4177413#4177413: *907581 access forbidden by rule, client: 132.148.77.38, server: datamentor.hu, request: "POST /wp-login.php HTTP/2.0", host: "beszerzokozpont.hu", referrer: "https://beszerzokozpont.hu/wp-login.php"
2026/07/07 15:22:27 [error] 4177413#4177413: *908325 access forbidden by rule, client: 132.148.77.38, server: datamentor.hu, request: "GET /wp-login.php HTTP/2.0", host: "beszerzokozpont.hu"
2026/07/07 15:22:28 [error] 4177413#4177413: *908325 access forbidden by rule, client: 132.148.77.38, server: datamentor.hu, request: "POST /wp-login.php HTTP/2.0", host: "beszerzokozpont.hu", referrer: "https://beszerzokozpont.hu/wp-login.php"
...
show less
Web App Attack
๐จ๐ญ
Origon
2026-07-07 13:20:15
(6 hours ago)
recidive - IP: 132.148.77.38 - 2026-07-07 13:43:45,449 fail2ban.actions [2349624]: NOTICE [plesk-wo ...
show more
recidive - IP: 132.148.77.38 - 2026-07-07 13:43:45,449 fail2ban.actions [2349624]: NOTICE [plesk-wordpress] Ban 132.148.77.38 2026-07-07 14:44:06,448 fail2ban.actions [2349624]: NOTICE [plesk-wordpress] Ban 132.148.77.38 2026-07-07 15:20:14,918 fail2ban.actions [2349624]: NOTICE [plesk-wordpress] Ban 132.148.77.38
show less
Web App Attack