Anonymous
2026-07-11 10:09:57
(2 days ago)
(wordpress) Failed wordpress login from 135.136.134.239 (-)
Brute-Force
π§πͺ
cmbplf
2026-07-11 07:14:40
(2 days ago)
2.171 requests from abuseipdb.com blacklisted IP (3w2d20h)
Brute-Force
Bad Web Bot
Anonymous
2026-07-11 06:45:59
(2 days ago)
2026-07-11T08:45:59.171207+02:00 polaris wp(sahpa.co.za)[189023]: Authentication attempt for unknown ...
show more
2026-07-11T08:45:59.171207+02:00 polaris wp(sahpa.co.za)[189023]: Authentication attempt for unknown user bot from 135.136.134.239
...
show less
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-11 05:27:21
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 135.136.134.239 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 135.136.134.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 01:27:16.182543 2026] [security2:error] [pid 13971:tid 13971] [client 135.136.134.239:57006] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.belgiophar.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.belgiophar.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alHUNKg-EL4OZ9di5Yv8AQAAAAY"], referer: https://www.google.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
i-turnradio.nl
2026-07-11 04:43:00
(2 days ago)
2026-07-11 @ 06:43:00 (CET) ~ Blocked for trying to access: /wp-includes/core.php
Web App Attack
π©πͺ
stinpriza
2026-07-11 03:02:22
(2 days ago)
Web App Attack
Web App Attack
π©πͺ
LRob
2026-07-11 01:03:36
(2 days ago)
CrowdSec: crowdsecurity/http-bad-user-agent | req: ["/wp-includes/core.php"] | UA: ["Mozlila/5.0 (Li ...
show more
CrowdSec: crowdsecurity/http-bad-user-agent | req: ["/wp-includes/core.php"] | UA: ["Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/53
show less
Bad Web Bot
π¨π¦
electronico
2026-07-10 19:53:02
(2 days ago)
135.136.134.239 - - [11/Jul/2026:06:53:01 +1100] "GET /wp-login.php HTTP/1.1" 403 5922 "https://www. ...
show more
135.136.134.239 - - [11/Jul/2026:06:53:01 +1100] "GET /wp-login.php HTTP/1.1" 403 5922 "https://www.google.com/search?q=wordpress" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36"
135.136.134.239 - - [11/Jul/2026:06:53:01 +1100] "GET /wp-login.php HTTP/1.1" 301 487 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:119.0) Gecko/20100101 Firefox/119.0"
135.136.134.239 - - [11/Jul/2026:06:53:01 +1100] "GET /wp-login.php HTTP/1.1" 403 2107 "" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:119.0) Gecko/20100101 Firefox/119.0"
...
show less
Brute-Force
Web App Attack
π©πͺ
FeG Deutschland
2026-07-10 17:23:33
(2 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247
Exploited Host
Web App Attack
π©πͺ
LRob
2026-07-10 16:00:22
(2 days ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf | req: ["/wp-login.php"] | UA: ["Mozilla/5.0 (Windows N ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf | req: ["/wp-login.php"] | UA: ["Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHT
show less
Brute-Force
Web App Attack
Anonymous
2026-07-10 15:29:37
(3 days ago)
Aggressive web scan
Web App Attack
Anonymous
2026-07-10 15:13:07
(3 days ago)
135.136.134.239 - - [10/Jul/2026:17:13:05 +0200] "POST /wp-login.php HTTP/1.1" 200 2741 "https://lea ...
show more
135.136.134.239 - - [10/Jul/2026:17:13:05 +0200] "POST /wp-login.php HTTP/1.1" 200 2741 "https://learningladderzm.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Safari/605.1.15"
135.136.134.239 - - [10/Jul/2026:17:13:05 +0200] "POST /wp-login.php HTTP/1.1" 200 2234 "https://learningladderzm.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.6 Safari/605.1.15"
135.136.134.239 - - [10/Jul/2026:17:13:06 +0200] "POST /wp-login.php HTTP/1.1" 200 2746 "https://learningladderzm.com/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36"
135.136.134.239 - - [10/Jul/2026:17:13:06 +0200] "POST /wp-login.php HTTP/1.1" 200 2239 "https://learningladderzm.com/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36"
135.13
...
show less
Brute-Force
Web App Attack
π³π±
ConsulHosting
2026-07-10 07:39:22
(3 days ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
π³π±
Site.eu
2026-07-10 05:36:57
(3 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
π«π·
LRob
2026-07-10 04:40:35
(3 days ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf | req: ["/wp-login.php"] | UA: ["Mozilla/5.0 (Windows N ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf | req: ["/wp-login.php"] | UA: ["Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:119.0) Gecko/20100101 Firefox/119.0","Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHT
show less
Brute-Force
Web App Attack