๐ซ๐ฎ
Eepp
2026-06-29 13:59:00
(6 days ago)
brute force WordPress wp-login.php as "admin."
Brute-Force
Web App Attack
Anonymous
2026-06-26 13:09:35
(1 week ago)
wordpress exploit scan
Web App Attack
๐บ๐ธ
mnsf
2026-06-26 13:05:31
(1 week ago)
Too many Status 40X (11)
Brute-Force
Web App Attack
๐ง๐ช
cmbplf
2026-06-26 13:02:36
(1 week ago)
12.954 requests in 1 hour (3mos1w2d)
Brute-Force
Bad Web Bot
๐ช๐ธ
masterguru
2026-06-26 13:01:27
(1 week ago)
(xmlrpc) Failed xmlrpc access from 136.66.98.120 (US/United States/120.98.66.136.bc.googleuserconten ...
show more
(xmlrpc) Failed xmlrpc access from 136.66.98.120 (US/United States/120.98.66.136.bc.googleusercontent.com): 5 in the last 3600 secs (0-122)
show less
Hacking
๐ฉ๐ช
LRob
2026-06-26 13:00:17
(1 week ago)
Repeated 404 errors, blocked by Fail2ban in custom-404 jail
Bad Web Bot
๐ซ๐ท
largo-it.net
2026-06-26 12:58:46
(1 week ago)
Jun 26 14:58:44 vps-9f3cdc33 haproxy[923714]: 136.66.98.120:63985 [26/Jun/2026:14:58:43.959] www_fro ...
show more
Jun 26 14:58:44 vps-9f3cdc33 haproxy[923714]: 136.66.98.120:63985 [26/Jun/2026:14:58:43.959] www_frontend~ finance_cluster/finance1_test1_https 0/0/11/64/75 404 3252 - - ---- 51/10/0/0/0 0/0 "GET //wp-includes/ID3/license.txt HTTP/1.1"
Jun 26 14:58:44 vps-9f3cdc33 haproxy[923714]: 136.66.98.120:63985 [26/Jun/2026:14:58:44.034] www_frontend~ finance_cluster/finance1_test1_https 193/0/11/50/254 404 3151 - - ---- 51/10/0/0/0 0/0 "GET //feed/ HTTP/1.1"
Jun 26 14:58:44 vps-9f3cdc33 haproxy[923714]: 136.66.98.120:63985 [26/Jun/2026:14:58:44.289] www_frontend~ finance_cluster/finance1_test1_https 201/0/11/50/262 404 3151 - - ---- 51/10/0/0/0 0/0 "GET //xmlrpc.php?rsd HTTP/1.1"
Jun 26 14:58:44 vps-9f3cdc33 haproxy[923714]: 136.66.98.120:63985 [26/Jun/2026:14:58:44.551] www_frontend~ finance_cluster/finance1_test1_https 250/0/10/48/308 404 3151 - - ---- 51/10/0/0/0 0/0 "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1"
Jun 26 14:58:45 vps-9f3cdc33 haproxy[923714]: 136.66.98.120:63985 [26/Jun/202
...
show less
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 12:53:34
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 136.66.98.120 (120.98.66.136.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 136.66.98.120 (120.98.66.136.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 08:53:29.196613 2026] [security2:error] [pid 21238:tid 21269] [client 136.66.98.120:50633] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.lancasterdesignercraftsmen.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.lancasterdesignercraftsmen.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "aj52SeKiemAPeUIw2mLRvwAAAFQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-26 12:47:27
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ธ๐ฌ
Cloudkul Cloudkul
2026-06-26 12:42:54
(1 week ago)
Attempted Brute Force on our application
Brute-Force
Web App Attack
Anonymous
2026-06-26 12:37:32
(1 week ago)
136.66.98.120 - - [26/Jun/2026:14:37:31 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 28145 ...
show more
136.66.98.120 - - [26/Jun/2026:14:37:31 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 28145 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.98.120 - - [26/Jun/2026:14:37:31 +0200] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 27891 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.98.120 - - [26/Jun/2026:14:37:31 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 28145 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.98.120 - - [26/Jun/2026:14:37:31 +0200] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 27891 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
136.66.98.120 - - [26/Jun/2026:14:37:31 +0200] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 281
...
show less
Brute-Force
Web App Attack
๐ฉ๐ช
HandyTreff.de
2026-06-26 12:34:37
(1 week ago)
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -91.678 (Bad < -10 / Very Bad < -20 ...
show more
Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -91.678 (Bad < -10 / Very Bad < -20 / Extreme < -35) | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69
show less
Web App Attack
Bad Web Bot
๐ท๐บ
DZBOT
2026-06-26 12:21:42
(1 week ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐จ๐ญ
backslash
2026-06-26 12:21:00
(1 week ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐ณ๐ฑ
ipoac.nl
2026-06-26 12:18:35
(1 week ago)
-:443 136.66.98.120 - - [26/Jun/2026:14:18:33 +0200] - "GET //xmlrpc.php?rsd HTTP/1.1" 403 1967 "-" ...
show more
-:443 136.66.98.120 - - [26/Jun/2026:14:18:33 +0200] - "GET //xmlrpc.php?rsd HTTP/1.1" 403 1967 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
show less
Bad Web Bot