๐บ๐ธ
bazter.pro
2026-05-09 21:28:26
(2 months ago)
Auto-Ban [2026-05-10 00:28:22]: CRITICAL: Sensitive files (4); DC: P4 Sp. z o.o. [Paths: 2] | Detail ...
show more
Auto-Ban [2026-05-10 00:28:22]: CRITICAL: Sensitive files (4); DC: P4 Sp. z o.o. [Paths: 2] | Details: Sensitive files/paths: /xmlrpc.php, /xmlrpc.php, /xmlrpc.php, /xmlrpc.php | 404 errors (2): /xmlrpc.php, /wp-login.php
show less
Web App Attack
Hacking
๐ณ๐ฑ
Site.eu
2026-05-08 07:26:03
(2 months ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
Anonymous
2026-05-07 15:46:14
(2 months ago)
Failed Wordpress Logins
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-05-06 22:40:47
(2 months ago)
Brute-Force
Web App Attack
Anonymous
2026-05-06 06:46:24
(2 months ago)
Failed Wordpress Logins
Web App Attack
๐ฉ๐ช
Viveronese
2026-05-05 07:41:39
(2 months ago)
Wordpress vulnerability scanning
Web App Attack
Anonymous
2026-05-05 07:05:15
(2 months ago)
89.25.230.156 - - [05/May/2026:15:05:14 +0800] "POST /xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 ...
show more
89.25.230.156 - - [05/May/2026:15:05:14 +0800] "POST /xmlrpc.php HTTP/1.1" 200 401 "-" "Mozilla/5.0 (Windows NT 6.1; Trident/7.0; MATP; rv:11.0) like Gecko"
...
show less
Bad Web Bot
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-05-05 06:44:24
(2 months ago)
89.25.230.156 - - [05/May/2026:08:42:47 +0200] "POST /wp-login.php HTTP/1.1" 200 7284 "https://stagi ...
show more
89.25.230.156 - - [05/May/2026:08:42:47 +0200] "POST /wp-login.php HTTP/1.1" 200 7284 "https://staging.die-netzialisten.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.181 Safari/537.36"
89.25.230.156 - - [05/May/2026:08:44:15 +0200] "POST /wp-login.php HTTP/1.1" 200 8175 "https://die-netzialisten.de/wp-login.php" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 10.0; WOW64; Trident/7.0; .NET4.0C; .NET4.0E; .NET CLR 2.0.50727; .NET CLR 3.0.30729; .NET CLR 3.5.30729; Tablet PC 2.0)"
89.25.230.156 - - [05/May/2026:08:44:23 +0200] "POST /wp-login.php HTTP/1.1" 200 7282 "https://staging.die-netzialisten.de/wp-login.php" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.117 Safari/537.36"
show less
Hacking
Web App Attack
๐ฉ๐ช
netclix.gr
2026-05-05 06:35:22
(2 months ago)
(wordpress) Failed wordpress login from 89.25.230.156 (PL/Poland/-): (CF_ENABLE)
Brute-Force
Anonymous
2026-05-05 06:31:27
(2 months ago)
host-ipset-guard auto-report; server=ssd5.kdns.gr; rule=httpd-login-spray-site; count=6/6; duration= ...
show more
host-ipset-guard auto-report; server=ssd5.kdns.gr; rule=httpd-login-spray-site; count=6/6; duration=72h; scope=ssd5.kdns.gr; country=PL; sites=hparxo.gr; samples=site_wide=true | distinct_ips=6 | /wp-login.php
show less
Brute-Force
Web App Attack
๐ซ๐ท
francoisunix
2026-05-05 06:30:13
(2 months ago)
89.25.230.156 - - [05/May/2026:04:17:04 +0000] "GET /wp-login.php HTTP/1.0" 401 14903 "-" "Mozilla/5 ...
show more
89.25.230.156 - - [05/May/2026:04:17:04 +0000] "GET /wp-login.php HTTP/1.0" 401 14903 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36"
89.25.230.156 - - [05/May/2026:04:17:05 +0000] "POST /wp-login.php HTTP/1.0" 401 15353 "https://tagaz.fr/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.181 Safari/537.36"
89.25.230.156 - - [05/May/2026:05:24:04 +0000] "GET /wp-login.php HTTP/1.0" 401 14903 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/7.0)"
89.25.230.156 - - [05/May/2026:05:24:04 +0000] "POST /wp-login.php HTTP/1.0" 401 15354 "https://tagaz.fr/wp-login.php" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/7.0)"
89.25.230.156 - - [05/May/2026:06:30:11 +0000] "POST /xmlrpc.php HTTP/1.0" 401 413 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.339
...
show less
Web App Attack
๐บ๐ธ
mind5t0rm
2026-05-05 06:24:03
(2 months ago)
(WPLOGIN) WP Login Attack 89.25.230.156 (PL/Poland/-): 3 in the last 3600 secs; Ports: *; Direction: ...
show more
(WPLOGIN) WP Login Attack 89.25.230.156 (PL/Poland/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 89.25.230.156 - - [05/May/2026:12:32:17 +0700] "GET /wp-login.php HTTP/2.0" 200 3122 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299"
89.25.230.156 - - [05/May/2026:12:32:20 +0700] "POST /wp-login.php HTTP/2.0" 200 4153 "https://thevasilis.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.36 Edge/16.16299"
89.25.230.156 - - [05/May/2026:13:24:01 +0700] "GET /wp-login.php HTTP/2.0" 200 2686 "https://www.greekthai.com/wp-login.php" "Mozilla/5.0 (Windows NT 6.3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"
show less
Port Scan
๐บ๐ธ
ambor
2026-05-05 04:11:44
(2 months ago)
L0ss Honeypot: WordPress login access attempt. Path: /wp-login.php
Brute-Force
Web App Attack
๐ช๐ธ
SweetHoneyPress
2026-05-05 03:57:22
(2 months ago)
WordPress honeypot: POST to /xmlrpc.php | event_id=611807 | UA: Mozilla/5.0 (Windows NT 6.1; WOW64; ...
show more
WordPress honeypot: POST to /xmlrpc.php | event_id=611807 | UA: Mozilla/5.0 (Windows NT 6.1; WOW64; Trident/7.0; TNJB; rv:11.0) like Gecko
show less
Web App Attack
Brute-Force
๐ฉ๐ช
Click-Networks
2026-05-05 03:08:53
(2 months ago)
Web Spam
Brute-Force
Exploited Host