๐ณ๐ฑ
Site.eu
2025-07-09 06:52:43
(11 months ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
Anonymous
2025-07-08 16:11:41
(1 year ago)
(wordpress) Failed wordpress login from 139.59.99.73 (SG/Singapore/-)
Brute-Force
๐จ๐ญ
zynex
2025-07-08 11:23:41
(1 year ago)
URL Probing: /wp-includes/wlwmanifest.xml
Web App Attack
๐ณ๐ฑ
Site.eu
2025-07-08 11:21:41
(1 year ago)
Excessive multi-domain requests
Brute-Force
๐ฉ๐ช
Ba-Yu
2025-07-08 07:42:50
(1 year ago)
WordPress hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-07 19:03:58
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 139.59.99.73 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 139.59.99.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 07 15:03:53.486396 2025] [security2:error] [pid 15255:tid 15275] [client 139.59.99.73:52310] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||southtampaprints.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "southtampaprints.com"] [uri "/site/wp-json/wp/v2/users/"] [unique_id "aGwaGd-pZJ3qMDbkrD6T1QAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฑ
Dolphi
2025-07-07 18:50:03
(1 year ago)
POST //xmlrpc.php
Brute-Force
Web App Attack
๐ฉ๐ช
FeG Deutschland
2025-07-07 18:34:22
(1 year ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247
Exploited Host
Web App Attack
๐ฉ๐ช
kernel-error.de
2025-07-07 18:34:22
(1 year ago)
::ffff:139.59.99.73 - - [07/Jul/2025:20:34:20 +0200] "POST //xmlrpc.php HTTP/1.1" 403 428 "-" "Mozil ...
show more
::ffff:139.59.99.73 - - [07/Jul/2025:20:34:20 +0200] "POST //xmlrpc.php HTTP/1.1" 403 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
::ffff:139.59.99.73 - - [07/Jul/2025:20:34:21 +0200] "POST //xmlrpc.php HTTP/1.1" 403 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
::ffff:139.59.99.73 - - [07/Jul/2025:20:34:21 +0200] "POST //xmlrpc.php HTTP/1.1" 403 428 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
...
show less
Brute-Force
Web App Attack
Anonymous
2025-07-07 18:29:56
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐ฌ๐ง
thetomtaylor.co.uk
2025-07-07 18:22:13
(1 year ago)
Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer
... [wa02]
Bad Web Bot
Web App Attack
Anonymous
2025-07-07 17:45:51
(1 year ago)
[redacted] 139.59.99.73 - - [07/Jul/2025:19:45:39 +0200] "POST //xmlrpc.php HTTP/1.1" 200 403 "-" "M ...
show more
[redacted] 139.59.99.73 - - [07/Jul/2025:19:45:39 +0200] "POST //xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 139.59.99.73 - - [07/Jul/2025:19:45:40 +0200] "POST //xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 139.59.99.73 - - [07/Jul/2025:19:45:41 +0200] "POST //xmlrpc.php HTTP/1.1" 200 426 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 139.59.99.73 - - [07/Jul/2025:19:45:43 +0200] "POST //xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
[redacted] 139.59.99.73 - - [07/Jul/2025:19:45:44 +0200] "POST //xmlrpc.php HTTP/1.1" 200 403 "-" "Moz
...
show less
Hacking
Web App Attack
๐ง๐ช
cmbplf
2025-07-07 17:25:02
(1 year ago)
141 requests with url.path *config.json
128 requests with url.path *config.php
112 requests with ...
show more
141 requests with url.path *config.json
128 requests with url.path *config.php
112 requests with url.path *.env
show less
Brute-Force
Bad Web Bot
๐บ๐ธ
antlac1
2025-07-07 17:16:02
(1 year ago)
crowdsecurity/CVE-2017-9841
Brute-Force
Web App Attack
๐ฌ๐ง
Aetherweb Ark
2025-07-07 17:04:41
(1 year ago)
(mod_security) mod_security (id:949110) triggered by 139.59.99.73 (SG/Singapore/-): N in the last X ...
show more
(mod_security) mod_security (id:949110) triggered by 139.59.99.73 (SG/Singapore/-): N in the last X secs
show less
Web App Attack