๐ฉ๐ช
FeG Deutschland
2026-07-01 20:28:46
(14 minutes ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 257
Exploited Host
Web App Attack
๐ท๐ด
INTEQ
2026-07-01 19:08:31
(1 hour ago)
Web attack from 52.232.35.131
Web App Attack
๐ฉ๐ช
bsoft.de
2026-07-01 18:59:59
(1 hour ago)
52.232.35.131 - - [01/Jul/2026:20:38:52 +0200] "GET /wp-login.php HTTP/1.1" 404 74268 "https://bolte ...
show more
52.232.35.131 - - [01/Jul/2026:20:38:52 +0200] "GET /wp-login.php HTTP/1.1" 404 74268 "https://bolte.de/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_7_10) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
52.232.35.131 - - [01/Jul/2026:20:59:57 +0200] "GET /wp-login.php HTTP/1.1" 200 8699 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0"
52.232.35.131 - - [01/Jul/2026:20:59:58 +0200] "POST /wp-login.php HTTP/1.1" 200 9143 "https://kgsjw-freunde.de/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0"
show less
Web App Attack
๐ฌ๐ง
ISPLtd
2026-07-01 18:52:09
(1 hour ago)
52.232.35.131 - - [01/Jul/2026:15:52:08 -0300] "GET /wp-login.php
52.232.35.131 - - [01/Jul/2026:15: ...
show more
52.232.35.131 - - [01/Jul/2026:15:52:08 -0300] "GET /wp-login.php
52.232.35.131 - - [01/Jul/2026:15:52:08 -0300] "POST /wp-login.php
...
show less
Hacking
Web App Attack
๐จ๐ฟ
plzenskypruvodce.cz
2026-07-01 18:30:22
(2 hours ago)
2026-07-01T20:30:21.417732+02:00 web wordpress(varhanykolin.cz)[2889654]: Immediately block connecti ...
show more
2026-07-01T20:30:21.417732+02:00 web wordpress(varhanykolin.cz)[2889654]: Immediately block connections from 52.232.35.131
...
show less
Brute-Force
๐ธ๐ฌ
abuseipreport.darajati
2026-07-01 18:16:46
(2 hours ago)
52.232.35.131 - - [2026-07-02T02:07:24+08:00] "POST /wp-login.php HTTP/1.1" 200 2117 "https://hestia ...
show more
52.232.35.131 - - [2026-07-02T02:07:24+08:00] "POST /wp-login.php HTTP/1.1" 200 2117 "https://hestiaistiviani.com/wp-login.php" "Mozilla/5.0 (X11; CrOS x86_64 14541.0.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
52.232.35.131 - - [2026-07-02T02:10:44+08:00] "POST /wp-login.php HTTP/1.1" 200 2116 "https://hestiaistiviani.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
52.232.35.131 - - [2026-07-02T02:12:50+08:00] "POST /wp-login.php HTTP/1.1" 200 2118 "https://hestiaistiviani.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_7_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
52.232.35.131 - - [2026-07-02T02:14:17+08:00] "POST /wp-login.php HTTP/1.1" 200 2118 "https://hestiaistiviani.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
52.232.35.131 - - [2026-07-
...
show less
Web App Attack
Anonymous
2026-07-01 17:44:58
(2 hours ago)
[Wed Jul 01 19:44:57.134909 2026] [authz_core:error] [pid 139600:tid 139634] [client 52.232.35.131:5 ...
show more
[Wed Jul 01 19:44:57.134909 2026] [authz_core:error] [pid 139600:tid 139634] [client 52.232.35.131:59160] AH01630: client denied by server configuration: /var/www/cimt-precision/wp-login.php
[Wed Jul 01 19:44:57.181765 2026] [authz_core:error] [pid 139600:tid 139646] [client 52.232.35.131:59160] AH01630: client denied by server configuration: /var/www/cimt-precision/wp-login.php, referer: https://pre.cimt-precision.de/wp-login.php
...
show less
Brute-Force
Web App Attack
๐ซ๐ท
Campus France
2026-07-01 17:40:32
(3 hours ago)
52.232.35.131 - - [01/Jul/2026:13:39:40 +0200] "POST /wp-login.php HTTP/1.1" 200 2495 "https://www.p ...
show more
52.232.35.131 - - [01/Jul/2026:13:39:40 +0200] "POST /wp-login.php HTTP/1.1" 200 2495 "https://www.perpignan.radiocampus.fr/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0"
52.232.35.131 - - [01/Jul/2026:14:22:13 +0200] "POST /wp-login.php HTTP/1.1" 200 2495 "https://perpignan.radiocampus.fr/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0"
52.232.35.131 - - [01/Jul/2026:16:29:47 +0200] "POST /wp-login.php HTTP/1.1" 200 2495 "https://perpignan.radiocampus.fr/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3 Safari/605.1.15"
52.232.35.131 - - [01/Jul/2026:18:38:15 +0200] "POST /wp-login.php HTTP/1.1" 200 2495 "https://perpignan.radiocampus.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Ge
...
show less
Brute-Force
Web App Attack
๐ฌ๐ท
setupgr
2026-07-01 17:33:27
(3 hours ago)
(wplogin_block) Blocked WP-Login Access Attempt 52.232.35.131 (NL/The Netherlands/North Holland/Amst ...
show more
(wplogin_block) Blocked WP-Login Access Attempt 52.232.35.131 (NL/The Netherlands/North Holland/Amsterdam/-/[AS8075 MICROSOFT-CORP-MSN-AS-BLOCK]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 52.232.35.131 - - [01/Jul/2026:20:33:22 +0300] "GET /wp-login.php HTTP/2.0" 200 5193 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
show less
Port Scan
๐จ๐ฟ
plzenskypruvodce.cz
2026-07-01 17:29:22
(3 hours ago)
2026-07-01T19:23:53.993641+02:00 web wordpress(www.upzcr.cz)[2869460]: Authentication failure for bu ...
show more
2026-07-01T19:23:53.993641+02:00 web wordpress(www.upzcr.cz)[2869460]: Authentication failure for buchtic from 52.232.35.131
2026-07-01T19:28:28.213146+02:00 web wordpress(upzcr.cz)[2865530]: Authentication failure for michela from 52.232.35.131
2026-07-01T19:29:21.933272+02:00 web wordpress(gpfans.cz)[2882705]: Authentication attempt for unknown user buchtic from 52.232.35.131
...
show less
Brute-Force
๐ฎ๐น
eliosbrocchi
2026-07-01 17:23:41
(3 hours ago)
2026-07-01T19:23:40.025318+02:00 thunderchild wordpress(www.crislio.com)[1209770]: Immediately block ...
show more
2026-07-01T19:23:40.025318+02:00 thunderchild wordpress(www.crislio.com)[1209770]: Immediately block connections from 52.232.35.131
...
show less
VPN IP
๐ฌ๐ง
Mendip_Defender
2026-07-01 17:20:58
(3 hours ago)
52.232.35.131 - - [01/Jul/2026:18:20:48 +0100] "GET /wp-login.php HTTP/1.1" 200 7827 "https://wessex ...
show more
52.232.35.131 - - [01/Jul/2026:18:20:48 +0100] "GET /wp-login.php HTTP/1.1" 200 7827 "https://wessex4x4response.org.uk/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0"
52.232.35.131 - - [01/Jul/2026:18:20:50 +0100] "GET /wp-login.php HTTP/1.1" 200 7827 "https://wessex4x4response.org.uk/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0"
...
show less
Brute-Force
๐ซ๐ท
Sysadmin Peter
2026-07-01 17:11:54
(3 hours ago)
52.232.35.131 - - [01/Jul/2026:18:29:17 +0200] "POST /wp-login.php HTTP/2.0" 200 3093 "https://ja-so ...
show more
52.232.35.131 - - [01/Jul/2026:18:29:17 +0200] "POST /wp-login.php HTTP/2.0" 200 3093 "https://ja-solar.nz/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
52.232.35.131 - - [01/Jul/2026:19:11:53 +0200] "POST /wp-login.php HTTP/2.0" 200 3085 "https://ja-solar.nz/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36"
...
show less
Brute-Force
Web App Attack
๐จ๐ญ
4server
2026-07-01 17:02:34
(3 hours ago)
[WedJul0119:02:29.8920162026][security2:error][pid740472:tid740497][client52.232.35.131:0]ModSecurit ...
show more
[WedJul0119:02:29.8920162026][security2:error][pid740472:tid740497][client52.232.35.131:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"whatsdecor.comarcosa.com\"][uri\"/wp-login.php\"][unique_id\"akVIJbqlWgDq9jnn6kqCtwAAAFc\"]\,referer:https://whatsdecor.comarcosa.com/wp-login.php
show less
Hacking
Web App Attack
๐ฌ๐ง
ISPLtd
2026-07-01 16:42:30
(4 hours ago)
52.232.35.131 - - [01/Jul/2026:13:42:29 -0300] "GET /wp-login.php
52.232.35.131 - - [01/Jul/2026:13: ...
show more
52.232.35.131 - - [01/Jul/2026:13:42:29 -0300] "GET /wp-login.php
52.232.35.131 - - [01/Jul/2026:13:42:29 -0300] "POST /wp-login.php
...
show less
Hacking
Web App Attack