๐ธ๐ฌ
securejdprop
2026-07-14 03:43:57
(3 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-probing. crowdsecurity/http-probing
Hacking
Web App Attack
๐ฌ๐ท
setupgr
2026-07-14 02:34:09
(4 hours ago)
(wplogin_block) Blocked WP-Login Access Attempt 178.128.104.103 (SG/Singapore/-/Singapore (Pioneer)/ ...
show more
(wplogin_block) Blocked WP-Login Access Attempt 178.128.104.103 (SG/Singapore/-/Singapore (Pioneer)/-/[AS14061 DIGITALOCEAN-ASN]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 178.128.104.103 - - [14/Jul/2026:05:17:39 +0300] "POST /wp-login.php HTTP/1.1" 302 - "https://cpanagiotou.gr/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15) Gecko/20100101 Firefox/120.0.1"
show less
Port Scan
๐ฉ๐ช
LRob
2026-07-14 02:21:50
(4 hours ago)
CrowdSec: lrob/wp-login-flood | req: /wp-login.php | 3 distinct paths | UA: Mozilla/5.0 (Windows NT ...
show more
CrowdSec: lrob/wp-login-flood | req: /wp-login.php | 3 distinct paths | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.5993.88 Safari/537.36
show less
Brute-Force
Web App Attack
๐ฌ๐ท
setupgr
2026-07-14 01:17:36
(6 hours ago)
(wplogin_block) Blocked WP-Login Access Attempt 178.128.104.103 (SG/Singapore/-/Singapore (Pioneer)/ ...
show more
(wplogin_block) Blocked WP-Login Access Attempt 178.128.104.103 (SG/Singapore/-/Singapore (Pioneer)/-/[AS14061 DIGITALOCEAN-ASN]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 178.128.104.103 - - [14/Jul/2026:04:17:01 +0300] "GET /wp-login.php HTTP/1.1" 302 - "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.85 Safari/537.36"
show less
Port Scan
๐ฉ๐ช
LRob
2026-07-13 21:39:45
(9 hours ago)
CrowdSec: lrob/wp-login-flood | req: /wp-admin/index.php | 2 distinct paths | UA: Mozilla/5.0 (Macin ...
show more
CrowdSec: lrob/wp-login-flood | req: /wp-admin/index.php | 2 distinct paths | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.1.15
show less
Brute-Force
Web App Attack
๐ง๐ช
taivas.nl
2026-07-13 20:02:10
(11 hours ago)
Wordpress_login_attempts
Bad Web Bot
๐ฎ๐ฉ
Burayot
2026-07-13 19:24:09
(11 hours ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 178.128.104.103 (SG/Singapore/-): 1 ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 178.128.104.103 (SG/Singapore/-): 1 in the last 3600 secs
show less
Web App Attack
๐ฌ๐ท
setupgr
2026-07-13 18:15:22
(13 hours ago)
(wplogin_block) Blocked WP-Login Access Attempt 178.128.104.103 (SG/Singapore/-/Singapore (Pioneer)/ ...
show more
(wplogin_block) Blocked WP-Login Access Attempt 178.128.104.103 (SG/Singapore/-/Singapore (Pioneer)/-/[AS14061 DIGITALOCEAN-ASN]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 178.128.104.103 - - [13/Jul/2026:21:13:53 +0300] "GET /wp-login.php HTTP/1.1" 302 - "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
show less
Port Scan
๐ณ๐ฑ
Site.eu
2026-07-13 17:26:13
(13 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
cwytech
2026-07-13 17:22:34
(13 hours ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wp-us-login-only-high.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 16:54:52
(14 hours ago)
(mod_security) mod_security (id:225170) triggered by 178.128.104.103 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 178.128.104.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 12:54:47.379919 2026] [security2:error] [pid 25932:tid 25932] [client 178.128.104.103:60049] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||carolinafootprints.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "carolinafootprints.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alUYV61I6I0hFLxYlx4WwgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 15:14:16
(16 hours ago)
(mod_security) mod_security (id:225170) triggered by 178.128.104.103 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 178.128.104.103 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 11:14:08.245752 2026] [security2:error] [pid 8098:tid 8098] [client 178.128.104.103:64825] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cynosurephotography.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cynosurephotography.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alUAwJSqq03hTxxiE5vgbwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-13 14:51:50
(16 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ฉ๐ช
Tha_14
2026-07-13 14:43:45
(16 hours ago)
Attempt to log in with non-existing username: david.pueray
Bad Web Bot
Anonymous
2026-07-13 03:50:06
(1 day ago)
2026-07-13T05:49:46.037619+02:00 wordpress(www.dog-protector.de)[154761]: Authentication attempt fo ...
show more
2026-07-13T05:49:46.037619+02:00 wordpress(www.dog-protector.de)[154761]: Authentication attempt for unknown user orangecarphuket.com from 178.128.104.103
show less
Web Spam
Blog Spam
Brute-Force
Web App Attack