πΊπΈ
Lezetho
2026-07-02 03:00:16
(49 minutes ago)
DDoS, WebSpam, Web Attack, and Brute-force blocked by Cloudflare
DDoS Attack
Email Spam
Hacking
Brute-Force
Anonymous
2026-07-02 02:56:17
(53 minutes ago)
169.239.183.229 - - > www.allacasadilucia.it [02/Jul/2026:04:56:15 +0200] "POST //xmlrpc.php HTTP/1. ...
show more
169.239.183.229 - - > www.allacasadilucia.it [02/Jul/2026:04:56:15 +0200] "POST //xmlrpc.php HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
169.239.183.229 - - > www.allacasadilucia.it [02/Jul/2026:04:56:16 +0200] "POST //wp-login.php HTTP/1.1" 200 6466 "https://www.allacasadilucia.it//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
169.239.183.229 - - > www.allacasadilucia.it [02/Jul/2026:04:56:16 +0200] "POST //wp-login.php HTTP/1.1" 200 6466 "https://www.allacasadilucia.it//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
169.239.183.229 - - > www.allacasadilucia.it [02/Jul/2026:04:56:16 +0200] "POST //wp-login.php HTTP/1.1" 200 6466 "https://www.allacasadilucia.it//wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64
...
show less
Hacking
Bad Web Bot
Web App Attack
π³π±
Site.eu
2026-07-02 02:48:51
(1 hour ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
Anonymous
2026-07-02 01:58:04
(1 hour ago)
Bot / scanning and/or hacking attempts: POST //xmlrpc.php HTTP/1.1, GET / HTTP/1.1
Hacking
Web App Attack
πΊπΈ
CounterScrape
2026-07-02 00:04:06
(3 hours ago)
CounterScrape Deception: Bot identified as EXPLOIT_SCANNER (Vulnerability / Exploit Scanning). Trapp ...
show more
CounterScrape Deception: Bot identified as EXPLOIT_SCANNER (Vulnerability / Exploit Scanning). Trapped in honeypot. Concurrency hits: 1. Bandwidth drained: 0.0 MB.
show less
Bad Web Bot
Port Scan
πΊπΈ
TPI-Abuse
2026-07-01 15:14:45
(12 hours ago)
(mod_security) mod_security (id:240335) triggered by 169.239.183.229 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 169.239.183.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 11:14:38.964848 2026] [security2:error] [pid 21427:tid 21427] [client 169.239.183.229:51132] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 169.239.183.229 (+1 hits since last alert)|www.cier.xyz|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.cier.xyz"] [uri "/xmlrpc.php"] [unique_id "akUu3psEUFoA5boK-l8PMwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 13:20:21
(14 hours ago)
IP banned by Fail2Ban in jail nginx-abusive-ips
Web App Attack
Brute-Force
Bad Web Bot
Anonymous
2026-07-01 12:00:14
(15 hours ago)
| CMS brute-force from dangerous country South Africa (6 attempts in 3 min)
Web App Attack
Hacking
SQL Injection
Anonymous
2026-07-01 11:42:02
(16 hours ago)
Unauthorized SSH login attempts
Brute-Force
SSH
π«π·
Baking333
2026-07-01 10:25:05
(17 hours ago)
[redacted] 169.239.183.229 - - [01/Jul/2026:11:25:03 +0100] "GET //wp-includes/[redacted] HTTP/1.1" ...
show more
[redacted] 169.239.183.229 - - [01/Jul/2026:11:25:03 +0100] "GET //wp-includes/[redacted] HTTP/1.1" 302 6773 0/82675 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" [redacted] 169.239.183.229 - - [01/Jul/2026:11:25:03 +0100] "GET //[redacted]?rsd HTTP/1.1" 302 1554 0/87209 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
show less
Bad Web Bot
Web App Attack
π©πͺ
big-cloud.nl
2026-07-01 09:51:45
(17 hours ago)
Try to access /xmlrpc.php?rsd
Web App Attack
π§πΎ
lns.bz
2026-07-01 08:08:31
(19 hours ago)
Too many 404 requests [BY]
Web App Attack
πͺπΈ
antivoid.xyz
2026-07-01 07:55:54
(19 hours ago)
Brute-Force
Web App Attack
Anonymous
2026-07-01 07:49:11
(20 hours ago)
169.239.183.229 - - [01/Jul/2026:09:49:08 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 55 ...
show more
169.239.183.229 - - [01/Jul/2026:09:49:08 +0200] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
169.239.183.229 - - [01/Jul/2026:09:49:09 +0200] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
169.239.183.229 - - [01/Jul/2026:09:49:10 +0200] "GET //web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
169.239.183.229 - - [01/Jul/2026:09:49:10 +0200] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
169.239.183.229 - - [01/Jul/2026:09:49:10 +0200] "GET //website/wp-includes/wlwmanife
...
show less
Brute-Force
Web App Attack
Anonymous
2026-07-01 05:05:38
(22 hours ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=20
Hacking