๐บ๐ธ
cwytech
2026-07-09 11:36:34
(53 minutes ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wordpress-login-lockdown-high.
Bad Web Bot
Web App Attack
๐ต๐พ
armandosaucedo.me
2026-07-08 22:48:15
(13 hours ago)
Threat Intelligence via ARMTI, Web Attack: GET /wp-login.php
Web App Attack
Anonymous
2026-07-03 01:43:10
(6 days ago)
Attac
Brute-Force
๐ฌ๐ง
consul.to
2026-06-26 19:54:37
(1 week ago)
Web attack/malicious scanning detected
Web App Attack
๐ฏ๐ต
SentinalX by uzumaru
2026-06-10 05:37:26
(4 weeks ago)
Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ...
show more
Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: api.cyberghostvpn.com:443
show less
Open Proxy
Port Scan
๐ฉ๐ช
maxpower
2026-05-23 09:12:59
(1 month ago)
(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 98.159.233.233 (US/United States/-): 1 in the ...
show more
(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 98.159.233.233 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 98.159.233.233 - - [23/May/2026:11:12:53 +0200] "GET /wp-content/themes/404.php HTTP/2.0" 200 4736 "http://elektra.ovh/wp-content/themes/404.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/121.0" "98.159.233.233" host=elektra.ovh
show less
Port Scan
๐ซ๐ท
Octopuce
2026-05-22 09:58:54
(1 month ago)
Aggressive web search of vulnerable pages: /wp-content/upgrade/wordpress-6.9.1-partial-0/wordpress/w ...
show more
Aggressive web search of vulnerable pages: /wp-content/upgrade/wordpress-6.9.1-partial-0/wordpress/wp-admin/admin.php /wp-content/plugins/enhan ...
show less
Web App Attack
๐ซ๐ท
masterguru
2026-05-22 09:23:56
(1 month ago)
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-196)
show less
Bad Web Bot
๐ฉ๐ช
LRob
2026-05-22 06:45:07
(1 month ago)
Repeated 403 errors, blocked by Fail2ban in custom-403 jail
Bad Web Bot
๐ณ๐ฑ
Site.eu
2026-05-21 18:45:39
(1 month ago)
Excessive 404/403 errors
Brute-Force
๐ซ๐ฎ
mickp
2026-05-21 10:42:44
(1 month ago)
98.159.233.233 - - [21/May/2026:10:38:41 +0000] "GET / HTTP/1.1" 302 0 "-" "Go-http-client/1.1"
98.1 ...
show more
98.159.233.233 - - [21/May/2026:10:38:41 +0000] "GET / HTTP/1.1" 302 0 "-" "Go-http-client/1.1"
98.159.233.233 - - [21/May/2026:10:41:45 +0000] "GET /wp-includes/blocks/code/about.php HTTP/1.1" 302 0 "http://easyagents.dev/wp-includes/blocks/code/about.php" "Go-http-client/1.1"
98.159.233.233 - - [21/May/2026:10:41:45 +0000] "GET /under-construction HTTP/1.1" 200 9043 "https://easyagents.dev/wp-includes/blocks/code/about.php" "Go-http-client/1.1"
98.159.233.233 - - [21/May/2026:10:41:46 +0000] "GET /wp-includes/blocks/social-links/wp-login.php HTTP/1.1" 302 0 "http://easyagents.dev/wp-includes/blocks/social-links/wp-login.php" "Go-http-client/1.1"
98.159.233.233 - - [21/May/2026:10:41:46 +0000] "GET /under-construction HTTP/1.1" 200 9044 "https://easyagents.dev/wp-includes/blocks/social-links/wp-login.php" "Go-http-client/1.1"
98.159.233.233 - - [21/May/2026:10:41:46 +0000] "GET /wp-includes/SimplePie/library/SimplePie/Parse/about.php HTTP/1.1" 302 0 "http://easyagents.dev/wp-includes/
...
show less
Bad Web Bot
Web App Attack
๐ฟ๐ฆ
rb-sys
2026-05-20 23:56:31
(1 month ago)
2026-05-20T23:56:31.479477+00:00 rbdns kernel: [UFW BLOCK] IN=eth0 OUT= MAC=bc:24:11:65:b4:ae:e8:eb: ...
show more
2026-05-20T23:56:31.479477+00:00 rbdns kernel: [UFW BLOCK] IN=eth0 OUT= MAC=bc:24:11:65:b4:ae:e8:eb:d3:b1:0a:77:08:00 SRC=98.159.233.233 DST=102.214.10.82 LEN=64 TOS=0x08 PREC=0x20 TTL=47 ID=34102 DF PROTO=TCP SPT=58644 DPT=53 WINDOW=64240 RES=0x00 SYN URGP=0
...
show less
Port Scan
๐บ๐ธ
mnsf
2026-05-20 17:05:17
(1 month ago)
Too many Status 40X (11)
Brute-Force
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-05-15 22:00:24
(1 month ago)
Auto-ban: >3000 req/min op 2026-05-15
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-04-25 07:49:54
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 98.159.233.233 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 98.159.233.233 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 03:49:50.476932 2026] [security2:error] [pid 572396:tid 572396] [client 98.159.233.233:38157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crearetest.com"] [uri "/wp-config.php"] [unique_id "aexyHqhYrt7mpMPR9e88zgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack