Anonymous
2026-05-07 00:04:07
(2 months ago)
<jail> banned by fail2ban
Brute-Force
Web App Attack
๐ฉ๐ช
Blexyel
2026-02-10 16:46:13
(5 months ago)
139.59.120.137 - - [10/Feb/2026:13:03:23 +0000] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 ...
show more
139.59.120.137 - - [10/Feb/2026:13:03:23 +0000] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
...
show less
Brute-Force
Web App Attack
๐ซ๐ฎ
Erpelstolz
2026-02-10 13:35:49
(5 months ago)
external host: 139.59.120.137 - - [10/Feb/2026:14:35:48 +0100] "GET //wp-includes/ID3/license.txt HT ...
show more
external host: 139.59.120.137 - - [10/Feb/2026:14:35:48 +0100] "GET //wp-includes/ID3/license.txt HTTP/1.1" 404 9439 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
show less
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-02-09 22:59:44
(5 months ago)
Auto-ban: 234 malicious requests on 2026-02-08 (e.g., env/backup probes, brute-force, or error burst ...
show more
Auto-ban: 234 malicious requests on 2026-02-08 (e.g., env/backup probes, brute-force, or error bursts).
show less
Hacking
Web App Attack
SSH
Anonymous
2026-02-09 06:04:18
(5 months ago)
<jail> banned by fail2ban
Brute-Force
Web App Attack
๐บ๐ธ
agenciahypelab.com.br
2026-02-09 05:12:07
(5 months ago)
WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER
Brute-Force
SSH
๐ฆ๐ฑ
Lungu Stefan Gabriel
2026-02-09 05:06:40
(5 months ago)
Node: AL-01 | Jail: https-port-443 | Rate-Limit (Port 443) - Rate-limit/abuse attack on port 443. Re ...
show more
Node: AL-01 | Jail: https-port-443 | Rate-Limit (Port 443) - Rate-limit/abuse attack on port 443. Reported by fail2ban.
show less
Web Spam
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-09 04:38:04
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 139.59.120.137 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 139.59.120.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 23:37:58.744780 2026] [security2:error] [pid 17056:tid 17056] [client 139.59.120.137:49190] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.lumentravel.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.lumentravel.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aYlkpj8aL5cP3yyIgancgQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
aranguren.org
2026-02-09 04:17:26
(5 months ago)
139.59.120.137 - - [09/Feb/2026:15:17:24 +1100] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 302 - "- ...
show more
139.59.120.137 - - [09/Feb/2026:15:17:24 +1100] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 302 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
139.59.120.137 - - [09/Feb/2026:15:17:25 +1100] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 302 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
139.59.120.137 - - [09/Feb/2026:15:17:25 +1100] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 302 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
...
show less
Web App Attack
๐จ๐ญ
Origon
2026-02-09 04:10:44
(5 months ago)
http-probing - IP: 139.59.120.137 - time="2026-02-09T05:10:44+01:00" level=info msg="(555f66b4f6a74 ...
show more
http-probing - IP: 139.59.120.137 - time="2026-02-09T05:10:44+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 139.59.120.137 (SG/14061) : 4h ban on Ip 139.59.120.137" module=db
show less
Web App Attack
๐จ๐ญ
zynex
2026-02-09 03:14:26
(5 months ago)
URL Probing: /wp-includes/wlwmanifest.xml
Web App Attack
๐ฉ๐ช
webanyone
2026-02-09 02:30:23
(5 months ago)
Repeated 404 errors, blocked by Fail2ban in custom-404 jail
Bad Web Bot
๐ง๐ช
taivas.nl
2026-02-09 01:32:11
(5 months ago)
Bad_requests
Bad Web Bot
๐ซ๐ท
YF
2026-02-09 01:15:09
(5 months ago)
xmlrpc.php (Potential DDoS or brute force)
Brute-Force
Web App Attack
๐ฉ๐ช
todix
2026-02-09 01:14:21
(5 months ago)
WebAttack or semilar from 139.59.120.137
Web App Attack