๐ซ๐ท
largo-it.net
2026-07-15 07:53:11
(31 minutes ago)
Jul 15 09:53:08 vps-9f3cdc33 haproxy[852896]: 167.172.239.93:64897 [15/Jul/2026:09:53:08.446] www_fr ...
show more
Jul 15 09:53:08 vps-9f3cdc33 haproxy[852896]: 167.172.239.93:64897 [15/Jul/2026:09:53:08.446] www_frontend~ finance_cluster/finance1_test1_https 86/0/11/62/159 404 3151 - - ---- 66/20/0/0/0 0/0 "GET /fr//wp-includes/wlwmanifest.xml HTTP/1.1"
Jul 15 09:53:08 vps-9f3cdc33 haproxy[852896]: 167.172.239.93:64897 [15/Jul/2026:09:53:08.605] www_frontend~ finance_cluster/finance1_test1_https 86/0/10/62/158 404 3151 - - ---- 66/20/0/0/0 0/0 "GET /fr//xmlrpc.php?rsd HTTP/1.1"
Jul 15 09:53:09 vps-9f3cdc33 haproxy[852896]: 167.172.239.93:64897 [15/Jul/2026:09:53:09.731] www_frontend~ finance_cluster/finance1_test1_https 88/0/11/60/159 404 3151 - - ---- 66/20/0/0/0 0/0 "GET /fr//blog/wp-includes/wlwmanifest.xml HTTP/1.1"
Jul 15 09:53:10 vps-9f3cdc33 haproxy[852896]: 167.172.239.93:64897 [15/Jul/2026:09:53:09.891] www_frontend~ finance_cluster/finance1_test1_https 86/0/11/58/155 404 3151 - - ---- 66/20/0/0/0 0/0 "GET /fr//web/wp-includes/wlwmanifest.xml HTTP/1.1"
Jul 15 09:53:10 vps-9f3cdc33 haproxy
...
show less
Hacking
Bad Web Bot
Web App Attack
๐ฎ๐ณ
evicky2002
2026-07-15 06:00:00
(2 hours ago)
Confirmed malicious by STILWaters CTI platform (score=100, sources=1)
Hacking
Brute-Force
SSH
Anonymous
2026-07-15 02:51:31
(5 hours ago)
Failed Wordpress Logins
Web App Attack
Anonymous
2026-07-15 02:35:07
(5 hours ago)
IP banned by Fail2Ban in jail nginx-abusive-ips
Web App Attack
Brute-Force
Bad Web Bot
๐ฆ๐บ
Klaverstyn
2026-07-15 00:21:27
(8 hours ago)
Excessive HTTP request rate
Web App Attack
๐ฉ๐ช
on-com
2026-07-14 23:45:42
(8 hours ago)
URL scan
Brute-Force
Web App Attack
๐ฉ๐ช
ketovoila.pl
2026-07-14 22:32:37
(9 hours ago)
ketovoila.pl WordPress reconnaissance scan: hits=5; unique_paths=5; sample_paths=/2019/wp-includes/w ...
show more
ketovoila.pl WordPress reconnaissance scan: hits=5; unique_paths=5; sample_paths=/2019/wp-includes/wlwmanifest.xml,/media/wp-includes/wlwmanifest.xml,/sito/wp-includes/wlwmanifest.xml; UA="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"; window=2026-07-14T22:32:37Z..2026-07-14T22:32:37Z
show less
Bad Web Bot
Web App Attack
๐ซ๐ท
largo-it.net
2026-07-14 21:54:34
(10 hours ago)
Jul 14 23:54:32 vps-9f3cdc33 haproxy[764400]: 167.172.239.93:65201 [14/Jul/2026:23:54:32.378] www_fr ...
show more
Jul 14 23:54:32 vps-9f3cdc33 haproxy[764400]: 167.172.239.93:65201 [14/Jul/2026:23:54:32.378] www_frontend~ finance_cluster/finance1_test1_https 84/0/11/49/144 404 3151 - - ---- 54/8/0/0/0 0/0 "GET /fr//wp-includes/wlwmanifest.xml HTTP/1.1"
Jul 14 23:54:32 vps-9f3cdc33 haproxy[764400]: 167.172.239.93:65201 [14/Jul/2026:23:54:32.522] www_frontend~ finance_cluster/finance1_test1_https 83/0/11/48/142 404 3151 - - ---- 54/8/0/0/0 0/0 "GET /fr//xmlrpc.php?rsd HTTP/1.1"
Jul 14 23:54:33 vps-9f3cdc33 haproxy[764400]: 167.172.239.93:65201 [14/Jul/2026:23:54:33.479] www_frontend~ finance_cluster/finance1_test1_https 85/0/11/49/145 404 3151 - - ---- 53/7/0/0/0 0/0 "GET /fr//blog/wp-includes/wlwmanifest.xml HTTP/1.1"
Jul 14 23:54:33 vps-9f3cdc33 haproxy[764400]: 167.172.239.93:65201 [14/Jul/2026:23:54:33.624] www_frontend~ finance_cluster/finance1_test1_https 83/0/11/46/140 404 3151 - - ---- 53/7/0/0/0 0/0 "GET /fr//web/wp-includes/wlwmanifest.xml HTTP/1.1"
Jul 14 23:54:33 vps-9f3cdc33 haproxy[764
...
show less
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 20:04:38
(12 hours ago)
(mod_security) mod_security (id:225170) triggered by 167.172.239.93 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 167.172.239.93 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 16:04:32.264422 2026] [security2:error] [pid 1329503:tid 1329503] [client 167.172.239.93:57060] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||fatcaverecords.fatcavemedia.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fatcaverecords.fatcavemedia.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "alaWUIwH7OejkiX53Gj7-AAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
applemooz
2026-07-14 18:08:32
(14 hours ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
Anonymous
2026-07-14 17:06:49
(15 hours ago)
(wordpress) Failed wordpress login from 167.172.239.93 (US/United States/New Jersey/Clifton/-/[redac ...
show more
(wordpress) Failed wordpress login from 167.172.239.93 (US/United States/New Jersey/Clifton/-/[redacted])
show less
Brute-Force
Anonymous
2026-07-14 14:50:52
(17 hours ago)
(wordpress) Failed wordpress login from 167.172.239.93 (US/United States/-)
Brute-Force
๐ฉ๐ช
todix
2026-07-14 14:21:05
(18 hours ago)
Web App Attack Exploid from 167.172.239.93
Web App Attack
๐ณ๐ฑ
Roderic
2026-07-14 13:32:30
(18 hours ago)
(wordpress-404) Searching for non-existent wordpress installs from 167.172.239.93 (US/United States/ ...
show more
(wordpress-404) Searching for non-existent wordpress installs from 167.172.239.93 (US/United States/New Jersey/Clifton/-/[redacted])
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-14 13:21:07
(19 hours ago)
(mod_security) mod_security (id:225170) triggered by 167.172.239.93 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 167.172.239.93 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 09:21:02.715268 2026] [security2:error] [pid 4126:tid 4126] [client 167.172.239.93:55930] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||edgecomix.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "edgecomix.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "alY3vuQov4nmxIShd2rwLwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack