๐ง๐ท
Peregrine
2026-06-30 03:12:40
(2 days ago)
Fail2Ban ct101 Jail: tomcat-honeypot | Evidence: 139.59.252.58 108.162.227.54 - - [27/Jun/2026:08:57 ...
show more
Fail2Ban ct101 Jail: tomcat-honeypot | Evidence: 139.59.252.58 108.162.227.54 - - [27/Jun/2026:08:57:32 -0300] "GET //xmlrpc.php?rsd HTTP/1.1" 404 18149
show less
Bad Web Bot
๐ง๐ท
Peregrine
2026-06-29 03:12:39
(3 days ago)
Fail2Ban ct101 Jail: tomcat-honeypot | Evidence: 139.59.252.58 108.162.227.54 - - [27/Jun/2026:08:57 ...
show more
Fail2Ban ct101 Jail: tomcat-honeypot | Evidence: 139.59.252.58 108.162.227.54 - - [27/Jun/2026:08:57:32 -0300] "GET //xmlrpc.php?rsd HTTP/1.1" 404 18149
show less
Bad Web Bot
๐ง๐ท
Peregrine
2026-06-27 11:57:36
(4 days ago)
Fail2Ban ct101 Jail: tomcat-honeypot | Evidence: 139.59.252.58 108.162.227.54 - - [27/Jun/2026:08:57 ...
show more
Fail2Ban ct101 Jail: tomcat-honeypot | Evidence: 139.59.252.58 108.162.227.54 - - [27/Jun/2026:08:57:32 -0300] "GET //xmlrpc.php?rsd HTTP/1.1" 404 18149
show less
Bad Web Bot
๐บ๐ธ
agenciahypelab.com.br
2026-06-27 06:06:05
(5 days ago)
WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER
Brute-Force
SSH
๐ง๐ท
dominioz
2026-06-27 00:56:23
(5 days ago)
2026-06-26 15:24:30 GET /xmlrpc.php rsd - 139.59.252.58 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64 ...
show more
2026-06-26 15:24:30 GET /xmlrpc.php rsd - 139.59.252.58 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/78.0.3904.108+Safari/537.36 - 301 627
2026-06-27 00:55:42 GET /wordpress/wp-includes/wlwmanifest.xml - - 139.59.252.58 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/78.0.3904.108+Safari/537.36 - 404 23943
...
show less
Web App Attack
๐ง๐ท
dominioz
2026-06-26 13:42:26
(5 days ago)
2026-06-26 13:41:39 GET /wp-includes/wlwmanifest.xml - - 139.59.252.58 HTTP/1.1 Mozilla/5.0+(Windows ...
show more
2026-06-26 13:41:39 GET /wp-includes/wlwmanifest.xml - - 139.59.252.58 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/78.0.3904.108+Safari/537.36 - 404 1440
2026-06-26 13:41:40 GET /xmlrpc.php rsd - 139.59.252.58 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/78.0.3904.108+Safari/537.36 - 404 1440
2026-06-26 13:41:40 GET /blog/wp-includes/wlwmanifest.xml - - 139.59.252.58 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/78.0.3904.108+Safari/537.36 - 404 1440
2026-06-26 13:41:41 GET /web/wp-includes/wlwmanifest.xml - - 139.59.252.58 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/78.0.3904.108+Safari/537.36 - 404 1440
...
show less
Web App Attack
Anonymous
2026-06-26 12:32:58
(5 days ago)
139.59.252.58 - - [26/Jun/2026:09:32:52 -0300] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 1807 ...
show more
139.59.252.58 - - [26/Jun/2026:09:32:52 -0300] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 1807 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
139.59.252.58 - - [26/Jun/2026:09:32:52 -0300] "GET //xmlrpc.php?rsd HTTP/1.1" 404 1807 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
139.59.252.58 - - [26/Jun/2026:09:32:55 -0300] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 1807 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
...
show less
Port Scan
๐ง๐ช
cmbplf
2026-06-26 05:28:08
(6 days ago)
4.580 requests with url.path //xmlrpc.php
4.515 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
๐ง๐ท
dominioz
2026-06-26 04:30:21
(6 days ago)
2026-06-25 20:25:19 GET /xmlrpc.php rsd - 139.59.252.58 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64 ...
show more
2026-06-25 20:25:19 GET /xmlrpc.php rsd - 139.59.252.58 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/78.0.3904.108+Safari/537.36 - 301 579
2026-06-26 00:49:47 GET /xmlrpc.php rsd - 139.59.252.58 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/78.0.3904.108+Safari/537.36 - 301 615
2026-06-26 04:29:22 GET /wp-includes/wlwmanifest.xml - - 139.59.252.58 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/78.0.3904.108+Safari/537.36 - 404 34424
2026-06-26 04:29:24 GET / author=2 - 139.59.252.58 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/78.0.3904.108+Safari/537.36 - 404 34400
...
show less
Web App Attack
Anonymous
2026-06-26 03:25:29
(6 days ago)
(PERMBLOCK) 139.59.252.58 (SG/Singapore/-) has had more than 4 temp blocks in the last 86400 secs; I ...
show more
(PERMBLOCK) 139.59.252.58 (SG/Singapore/-) has had more than 4 temp blocks in the last 86400 secs; IP: 139.59.252.58; Ports: *; Direction: 1; Trigger: LF_PERMBLOCK_COUNT; Logs:
show less
Brute-Force
Anonymous
2026-06-25 22:05:05
(6 days ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=21
Hacking
๐ช๐ธ
pipeline.es
2026-06-25 21:46:10
(6 days ago)
Web scanning / probing for vulnerable paths | URL: //wp2/wp-includes/wlwmanifest.xml | Evidence: agi ...
show more
Web scanning / probing for vulnerable paths | URL: //wp2/wp-includes/wlwmanifest.xml | Evidence: agilityturismo.com.br 139.59.252.58 - - [25/Jun/2026:23:40:53 +0200] \"GET //wp2/wp-includes/wlwmanifest.xml HTTP/1.1\" 404 19096 \"-\" \"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36\" GEOIP_COUNTRY_CODE=SG | ASN: DIGITALOCEAN-ASN | Country: SG
show less
Port Scan
Web App Attack
๐ง๐ท
Halux
2026-06-25 19:51:44
(6 days ago)
139.59.252.58 Web Application Firewall multiple violations
Hacking
Web App Attack
๐ณ๐ฑ
Savvii
2026-05-25 18:47:36
(1 month ago)
20 attempts against mh-misbehave-ban on redirect
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
AGEPCom
2026-05-24 12:35:17
(1 month ago)
Smart-Ban: IP bannie via score AbuseIPDB
Brute-Force
Web App Attack