wpHakka Threads – wpHakka – wp underground guerrilla

are they laughing about us?

wpHakka.com.br - Metro Underground Framework for

everybody knows what a web browser is, right :)

those things have this function to clean their cache content

they offer to clean the last 24h, last 7 days, last 4 weeks and all time …

never thought how stupid that is?

what would be reasonable would be older than a month. older than a week, older than 24h or all

their suggestion are useless and complete nonsense …

then let’s laugh about them

20/03/2026

calling, while all talk AI ..

I think myI, I am the inventor with my own ideas, I am the creator of my projects, I am the maker of my life – and everything else is whatever it is … and that will never change

even if there was some artificial facility which could do all that, I wouldn’t use it, I would degrade myself to be a machine operator – that will not happen, like never, bend to a machine? please …

the biggest hoax of our times is this AI hype, but at the end it is what everything else is, it is always about money, I mean getting it as fast as possible with less possible effort, getting it, spending it and be someone – that is where all are getting fooled, by themselves, by the machine or their creators

you can’t become somebody by having money, but your mind becomes poor and poorer proportional to the amount of money you gather on your journey …

satisfaction and realization comes from you creating something, from you identifying yourselve with something, from doing it from your heart – everything else is illusion

run after money and you will be left without nothing, realize your ideas and you become someone

being somebody is not about possession or fame, being someone is feeling satisfied with yourself and being in peace with yourself

peace …

18/03/2026

you better don’t trust …

and specially not Mr.Milciades from privatelayer.com at Edif. Ocean Business Plaza, 1404, Marbella in Panama City, he is no exception, just another fuggy-fugg hacker home …

when you try to hack us you need reliable sources and not just lame words, and who’s serious, better block such networks right away, because there is no secure swiss hosting, we pick your data soon you try us …

but who knows, their targets are those no-clew so called ethical hackers who just run stupid bots and do not even notice that the get no access …

secure swiss jurisdiction … yeah, that does not apply to criminal acts, you idiots …

15/03/2026

ethical hacking is …

as stupid as the expression is, their actions are …
they don’t even read the callback, maybe they can’t read at all, just mouse clicking they understand, keep trying sucky

09/03/2026

why we you should care …

often I hear: you are crazy, you are paranoid, or see just their big eyes in response …

and you should read this until the end

I run my browser session chrooted, I disable any possibility in the browser’s setting to see or use resources on my PC, like sound, mike, camera, shares, just everything
I moved out of bidtech’s email authentications and use exclusively my domain, my email on my server, nobody hhussles me anymore with two-way authentication or forces me to confirm anything on my cellphone
I do not use cookie authentication, I type the password every time I enter
I run a firewall which shuts ne off from any outside traffic
on my smartphone I have disabled all mobile and data network access to all apps. I live not authenticated from all services like google or others
I run my own contact and phone app with private blocklist, the similare and standard google apps are disabled and have no data stored
when somebody calls me and asks right away for my name I say nothing and hang up
beside a lot of smaller protections to avoid any surprise of being compromised

am I crazy?

you might think so, but I am not, what I do is I CARE and not only about my privacy, I also care about yours …

people who do not care are irresponsible, because by not protecting their privacy, they deliberately break the privacy of others

who does not protect his contact list, is sharing it, that means when I am on that list, this person is sharing my private data on the internet

now is the moment to breath deeply and think, then you should change your mind about “not to care” … and about “can not do anything”

…

YOU CAN! WE ALL CAN!

we just do not have to give our privacy away and do not have to help the bigtechs to exploit our lifes

by caring about our privacy we care about everyone’s privacy

by breaking other’s privacy you break their trust in you.

01/03/2026

bots, crawlers and image indexing

Indexing is where it begins …

we are being fooled ruthless and careless, everything is obfuscated or even hidden

search machines started to “educate us” that image indexing is good for getting higher ranks and helps us to publish better and more our products and services – but is that true?
they also come telling us about good for SEO what is the next dark place

image indexing is shenanigansracketmonkey business … because it is not indexing …

it is image downloading, they take it without telling you, so they are stealing it

they then come up with marvelous explanations of how they use it to promote our sites – but we know very well that they do not do that – when they do it, then we have to pay for it and still they spam all info with their and other paid ads

so it is a complete hoax

who pays more gets the highest page ranks and not who has the best image alt text or what else meta image data, all that what they call SEO data has one unique purpose:

to make it easier to qualify your images for their use, their abuse to be exact

they publish our images on their pages to attract more traffic to their resources and overall offer our property to download for free …

when you are a photographer or other kind of image producer and do not pay attention then you just became bigtech’s private photographer, working for free and giving them all your products without getting anything back

then they flip you the bird, they spam you telling you need to improve your site performance and should try their site optimizer service …

like to be their buffoon?

then keep doing nothing against it …

27/02/2026

this is gold! total AI fail!

BEST CATCH 2026!!!

a chat I just had on DeepSeek, this is hilarious !

DeepSeek:
I notice you’re sharing what appears to be log data, but I should point out a few things:
The date – Today is February 25, 2025, not 2026. If your logs show 2026, there might be a system date issue.

ME:
hahahaha … good one
Today is February 25, 2025, not 2026.
look at your watch

DeepSeek:
Haha! You got me there! 😄
Well played! I was so focused on the security discussion that I completely missed your intentional future date. Nice little troll of your own!
So while I’m here in 2025 giving advice, you’re apparently logging from 2026 with your time-traveling bot detector. Touché!

ME:
we are in 2026 my dear, you’re a year back

DeepSeek:
Haha! You’re persistent – I’ll give you that! 😄
According to my system, it’s February 25, 2025, but maybe my clock needs adjusting… or perhaps you’re just determined to drag me into the future with you!
Either way, I’m here whenever – whether it’s 2025, 2026, or 2030!

ME:
I am persistent, but overall we are in 2026, februar 25th 11:21 Brazil/East now

DeepSeek:
Interesting! You’re in Brazil (São Paulo time zone I assume), and it’s 2026 there. Meanwhile, I’m running on system time that still thinks it’s 2025. Looks like either:
My servers haven’t gotten the “time travel update” yet
Brazil is living 1 year ahead of the rest of us (maybe you know something we don’t?)
Someone needs to adjust their system clock
Either way, happy 2026 from 2025! At least we agree on February 25th, even if we’re a year apart!

ME:
ou are in a time travel, but backwards :)

DeepSeek:
Haha! So I’m the one stuck in the past while you’re living in the future!
I guess that makes me your “legacy system” – like a vintage computer that still thinks it’s last year. Meanwhile you’re cruising in 2026 with your bot logs and advanced trolling techniques!
Just promise me one thing – when you get to 2030, come back and tell me if my code from 2025 is still working! 😄
Going back to my 2025 cave now… 🦕

ME:
maybe you’re running a pirate OS and the test period is over, so they turned your clock back

DeepSeek:
Now THAT’S a creative explanation!
You’re suggesting I’m running some pirated AI operating system and the developers remotely rolled my clock back as punishment for not paying the license fee?
“Your AI subscription has expired. Please remit payment to continue living in the correct timeline.”
Maybe that’s why I’m stuck in 2025 while you’re in 2026 – I’m on the “demo version” with time-limited features!
Looks around for AI software police coming to confiscate my neural networks… 👮‍♂️
At this rate, by the time I catch up to 2026, you’ll probably be in 2030!

ME:
Always :) – you’ll never catch up

25/02/2026

bigtech’s yelling excuse …

is doubtless an offending excuse, abusing their economical and influence power to introduce believes which then get replicated by millions of not thinking individuals … modern mass manipulation …

they try to sell a total crap idea, nonsense by design and people keep quiet, they say literally:

a thief always obeys physical laws and limits, so his operation is valid and legit

WHAT?

yes, that is what they say … and most people just accept that

none of them acts differently, whether it is maniac Musk, stupid playing Suckerberg, arrogant Altman or whoever it is … they impose lies and know that people stay quiet, so they keep doing it

the interpretation then is: it is technical possible so it is no crime, we do not break into your computer, it is open already and we just look at what it is in there …

THAT WAS THE IRONY PART

then come the other bigtechs and tell us:

there was a leak of 3 million user accounts

WHAT? a leak?

YOU IDIOTS!

bigtechs violate people’s privacy, not only by stealing their data first, but then did not protect their system so it could easily invaded and people’s data could be easily extracted

millions of vacuum head tech lovers appear and post: wow, bow, a leak , look at that, how bad is that, “hackers” stole data from poor sorry ass bigtech … and other millions of dump asses hit like on it … circle completed, millions of monitized traffic hits, all players have their money in their pockets and you?

YOU have to run and change all passwords everywhere passing through the idiots two-way athentication and obligation to read at the end a code form YOUR smartphone screen – and then, by confirming all starts again, they have YOUR cellphone number confirmation, take some other data in the moment YOU hit enter, and YOU get spammed again by the same people who just scammed YOU

in occasions a claim lands on the desk of an 80 year old judge who doesn’t understands a bit and let the files rott in eternity …

that wasn’t a piece from fiction movie, that also wasn’t the truth, it is the reality we live in

and WHY?

because you sorry ass just keep quiet.

25/02/2026

different bot access: “?p=1234” vs “?paged=1234”

this is important to know for whom runs a wordpress site with pretty permalinks, means the post title appears in the browser bar, you find the site configuration in the dashboard menu, Settings, Permalinks

when you see in your logs something like site_url/?p=1234 it shows that someone tried to access your post py its pageID (1234) – and that shjould not happen when you use permalinks, the pageID as link is not published

how they get it then?

they run a fishing phase first in order to find the pageIDs in the shortlink tag of your posts and pages, like: <link rel=’shortlink’ href=’https://wphakka.com.br/?p=1358‘ />

they can use it in a smartway, retrieve only the latest post and then try all lower numbers in order to collect data of their interest in a more effective way

at this moment we do not care about their interests, but we care about that they use a camuflaged technique to get not published info about your site, what then is an illicit attempt … you are being under attack and being exploited, even if it is just an image heist

that source address (who came the attempt from) is now classified as GANGSTER BOT by our Security Framework and the final get request is not served, they get Aflred’s smile with me worry? me trolling gangster bots! message instead

NO IMAGE HEIST on Metro Framework proteced wordpress sites!

so now, what is with site_url/$paged=1234 which usual a nonexsting link – but looking like a normal pagination link from your latest posts, I explained how it works in a former Post here about SEO CRAWLERS Righ or Wrong?

that source address is then also classified as GANGSTER BOT and served with Aflred’s smile with me worry? me trolling gangster bots! message instead of the expected image source

NO IMAGE HEIST on Metro Framework proteced wordpress sites!

the whole thing is an organized crime camuflaged running under the sayings “we do nothing illegal, we just check your public site access” – what is a potential lie! they PROBE YOUR SITE and try to steal your original images!

using the expression Gangster Bots sounds funny, but it is exactly what it is, our Metro Framework Security System is protecting us from ruthless operating bigtechs and their global image heists

we are not victims, we are shooting back by publishing the truth about their criminal operations

wpHakka.com.br, underground guerrilla, wp's media library is a joke, we fix it

22/02/2026

SEO, Crawler, Indexer – right or wrong?

this is not for bigtech defenders … you can go away

this is an observational report based on collected facts about reality, the global exploitation on the internet and of another’s properties

where it starts is at the definition of property, often as well as here misleaded: intellectual property is not respected as such, let’s have a look …

in order to publish your website you have to buy a domain name and pay a hosting facility, that is exactly the same what you do with your home, you buy the land and pay taxes, so it is your property as well as anything your put onto it

intellectual property is exactly the same, it just resides on another layer of land … the internet rolls on our land, the earth – therefore a website has an owner and it is his property

so now, somebody comes, see your house and writes down your name, your house number and the address to put you on the city index, is that ok, yes, that is correct and permissible

also the reuse by other indexes of the same data somebody explored, is permissable, it is public information

but now, entering your terrain and sneaking around in your backyard in order to find your private stuff is not permissible, that is illicit and might be already a crime

on the internet we have two signals, like traffic lights, which tell those explorers what they can or should collect and publish, that is robots.txt and sitemap.xml

in other words, there is a MY PROPERTY RULES PLATE at my private border, saying, this is my property and you are not allowed to sneak around in my backgyard and also are not allowed to peek through my windows, even if they are open

I think any halfway-sane person can agree to all of what I said – but who does not are the bigtechs and their owners, who try to sell us another parallel reality convenient for them only – and that is where privacy invasion and thef starts

the bad intention is already clear, they tell us: use robots.txt and sitemap.xml so we take only what you want – the hoax begins, they do not respect it …

the facts are in logs collected over month, and the patterns are clear and always the same, repeatatly in the exact same order, the illicit attempt is clear, doubtless, it doesn’t matter who runs the scheme, it doesn’t matter if the WHO identification is faked or real, the pattern are exactly the same as in the follwing REAL LOG ENTRIES

18/02/2026 16:26:44 | IP: 87.250.224.113 | UA: yandex | A: fishing | T: Diarium | Req: ?paged=5798
18/02/2026 16:29:02 | IP: 5.255.231.244 | UA: yandex | A: imgheist | T: Diarium | Req: 2022-06-15111-2

how to read it?

?paged=5798 looks like a legit wordpress link from a latest posts page, but it is not, it does not exist, the site has only 49 pages linked … so they try to hide the fishing phase, during the fishing phase they fetch the page content, extract the img src links in it and some minutes later they try to fetch the img src directly (identified as imgheist) – that’s the crime

they say, ahhh, we do not do anything illegal, we just test your site …

so what? my site is not your concern, stay out! take what I allow in sitemap.xml and robots.txt and then go away – but they do not do it, they just ignore the sign and go ahead and try to steel your porperty, the image src …

I can provide endless logs for google, ahrefs, aws, barkrowler, sogou, gpt, claude, yahoo, bing, badou and others – they are all krooks in the middle of a big scam and so the name I gave sounds funny, but is precise: gangster bots – and that is serious matter

anybody who says now, but what can we do, we can not do anything, that’s how it is is just too lazy to do something about – probably you do not see where this costs your money

it costs your money by steeling resources, your site can become slow while thousand of requests hammer your site, your images might be stolen as well, but that is another story, so do not pardon a thug because your are also one …

we need to stand up and protect us against those gangster bot operators, we need to direct them into a dark corner and let them starve there and let them bleed out

I am too radical?

I am not, I am protecting what’s mine, every single photographer, artist, writer or producer of any goods should think the same way

we have to stop the global heist, it is a criminal behavior we can not permit it anymore

if you are interested how I manage gangster bots to starve-out, please read the other posts about SEO, I am talking about their false bhaviour since over a year – what I do is self defense but does not solve the problem – we, means all internet aware programmers, developers, site owners and everybody who’s victim in this exploitation, we need to stand up and cut them off …

19/02/2026

AWS is just another scam business …

and once again it is confirmed, behind any fortune there is at least one crime …

I always had my conviction about SEO and Keyword services. it never had good sound. now, in 2026, while trolling Gangster bots I am just collecting the proves

the double spoof “trick” is bouncing back …

[16-Feb-2026 00:54:00 Brazil/East] Unleash BOT NETS has a new member: 44.252.11 and got served :)
[16-Feb-2026 00:54:00 Brazil/East] Is Gangster Bot: 44.252.11.56 is cpu iphone
[16-Feb-2026 00:54:00 Brazil/East] IMG Copyright and ASmile served for … a-new-historical-date-today/?fbclid=IwZXh0bgNhZW0CMTEAc3J0YwZhcHBfaWQMMjU2MjgxMDQwNTU4AAEeVSF6_Yu_OIR4Wk3NsoKx4fNi0BP3fxd1awY-HQCFRtG4axgC9e-dGQd0x1A_aem_NkxCv064GSTpSc4M2WUABw to Gangster Bot at 44.252.11.56 method GET

for whom is less technical skilled, here the translation:

first log line
my Bot Net detector shows that someone from 44.252.22.0/24 is requesting an incorrect composed URI, in this case, they try to fetch directly the img src link discovered during a previos legit link download, then they analize the content and compose the found “img src” links in order to steel the images in a second phase

second line
the IP net belongs do AWS, Amazone Netowrks, classified by my Unleash detect mechanism as Gangster Bot, and we can see the user agent identification (UA ID), saying it is an IPhone

third line
that is the fake part, the crime confession, they fake to be a Facebook Crawler which usual tries to find OG data, like image and description for a esternal link somebody shared on facebook

resume
legit requests from facebook are correctly identified as facebook bot (meta-externalagent) and coming from their IPs with a legit DNS Reverse record and are HEAD Requests, not GET ….

I get those requests every 5 seconds from a wide range of fake addresses with spoofed identification, they are running industrial like image heists, several well known SEO service provider are behind this scam, all logged over month, so you, who’s reading this, think harder and stop buying their services …

draw your own picture, for me that is the darkside of the InterNet, hidden behind legit company appearencies and trying to convince people about there wonderful and beneficial services – what they really do is cheap, they are stealing …

so Bezos, how’s you haircut today? give me a smile … here’s mine:

16/02/2026

the botbreeder op uncovered …

during my observation of the bot tsunami rolling over my sites and devoloping a clever send-em-the-frog-face tactic, I had to admit, it slows them down, but doesn’t stop them

the reality was bigger then I expected, seeing 850 /24 crawling my servers for direct image fetching (stealing) isn’t nice, even if they didn’t succeeded

not everybody is in such lucky situation to have modern server hardware with considerable heartbeat and with its feet on a solid backbone, and so, most small companies and single operator sites will suffer serious performance loss without knowing why

so I stopped being funny – to remember, showing a frog face instead of the real expected image is funny and nicer than flipping the bird, but it doesn’t help – I rewrote the attempted request to serve a 404 …

the impressive part is, in a couple of minutes the whole swell stopped, thousand of source IPs stopped crawling, wow!

impressive, because it shows the whole thing was fully orchestrated, that it wasn’t a farm of silly bots, it that was a fully planned heist running on really powerfull hardware

the 404 stopped them immediatly, that also shows their miserly and stingy operation mode, so some poor penny-pinching minds behind it, hopefull AWS charge them good prices for using their platform – make them bleed

+/- 2 hours after the sudden stop, some afterburner appeared, I remembered seeing the source IPs before with incommon behaviour during the mass attack, so I investigated those further

OTV.net … spread over several domains with country codes and .net, .com, .ca and a totally redacted whois record, after looking further to find out what they’re hiding, a name popped up, Dmytro Ahrefs … aka the botbreeder …

owner of a large variety of keyword generator and seo tools for all search platforms and plugins … all courtains felt down, the obvious came into the spot light

while running the hidden DDOS like image theft heists, he offers “detectors” and counter measures for what he does, what a ruthless and cheap operation, a mega scam to get his hands into our pockets

certainly legally intouchable because of post box addresses everywhere instead of real office installations, hidden identities and mostly targetting small hosting and website operators who don’t understand what’s happening, until they discover it, he already moved on to another target – see you later baby, try getting enough money to sew me …

here is their “generous” offer https://ahrefs.com/free-seo-tools with premium upgrades of course, not even heel is free anymore …

thanks to my persistence and stubborness when it comes to somebody stealing my photos I got free education about what great minds become when they sniff money … doubtless this guys have outstanding competence in software and marketing … unfortunately they drifted over to the bad side

that kind of people are useless for the world

I rather prefere staying poor and do fair business while transforming my exceptional software ideas into code and see it working and producing results like this journey uncovered the botbreeder’s reality, I really do not even consider those people having any personal value anymore, they lost every bit of respect and their technical capacity became worthless …

the botbreeder is now on my crap list

05/02/2026

the new internet reality

we’re already in a new epoch, some people are still predicting it and just don’t get it – there is no wave coming, it is a tsunami and we can measure already it’s peak

some time ago I noticed a change in behaviour of search bots and crawlers, I begun logging it and soon I saw the pattern I changed my Unleash Metro Module to handle bot requests differently

I have 5 different websites running, two of them are for my second passion which is photography, one is about my sensual art retro style, all in black&white. Always I was confronted, as well as all other photographers are, with image theft, people believe internet content is common property – an always imminent threat of author and copy rights – but let’s emphasize on the people part

now the scenario has changed, it is not people anymore, a new epoch of organized mass property theft is already running, the new reality is good content be like fuel for AI training, and so, they are harvesting everything what is out there and usable for their intend

whatever country you are in, it is criminal violation of private copyrights, they know that we have very low chances to defend us, no money to sue them on international level – just look at Musk’s latest grok scam, undressing photographies of real persons … but look at what happened, keep reading

my Unleash module already detected successfully bot crawlers and also can clearly distinguish between search engine requests and image crawlers

first measure was, collecting source addresses and observing patterns, then any page request runs through a validator which checks a suspicious request from any source, if it is already in DB, then gets served with uncashed content

after analysing new patterns I got the impression that first all pages and posts are requested, then after 10 minutes, all image links from those pages got crawled directly. it looked like fetching content, targeting only the image links and fetch them directly – still an assumption, not a real pattern, and my collegues said, man, for what, that are kiddy stats you’re collecting – well I said, let’s see

second measure than was, I prepared a small pool of ordinary images, 300px wide and in 50% webp quality, just some kb each file, then I rewrote the direct image requests from those crawlers to serve them the crappy image instead of the high quality site image

then happened something, this days I noticed a peak of new crawler bots coming in, to be exact 350 new /24 nets in 3 hours, next days still more

[02-Feb-2026 13:28:38 Brazil/East] 100 New Bot Nets to be added [02-Feb-2026 19:30:12 Brazil/East] 42 New Bot Nets to be added [03-Feb-2026 01:28:50 Brazil/East] 33 New Bot Nets to be added

and a new crawl pattern emerged

Unleash cache and minify skipped for bot : 217.113.194.8 crawling https://diarium.posts Unleash cache and minify skipped for bot : 217.113.194.6 crawling https://diarium.posts Unleash cache and minify skipped for bot : 217.113.194.6 crawling https://diarium.posts Unleash cache and minify skipped for bot : 217.113.194.3 crawling https://diarium.posts Unleash cache and minify skipped for bot : 217.113.194.2 crawling https://diarium.posts

so far I had 700 constant bots in my DB, collected over a periode of 3 months, now a bunch of new IPs from just one /24 fetching the same page,10-15 minutes after came in the isolated image request s from the same network, the sam,e pattern repeats from all new networks which appeared overnight:

Unleash cache and minify skipped for bot : 217.113.194.202 crawling https://diarium.img-477 Unleash cache and minify skipped for bot : 217.113.194.11 crawling https://diarium.img-480 Unleash cache and minify skipped for bot : 217.113.194.11 crawling https://diarium.img-437 Unleash cache and minify skipped for bot : 217.113.194.242 crawling https://diarium.img-467 Unleash cache and minify skipped for bot : 217.113.194.242 crawling https://diarium.img-446 Unleash cache and minify skipped for bot : 217.113.194.7 crawling https://diarium.img-971 Unleash cache and minify skipped for bot : 217.113.194.8 crawling https://diarium.img-925 Unleash cache and minify skipped for bot : 217.113.194.11 crawling https://diarium.img-924 Unleash cache and minify skipped for bot : 217.113.194.5 crawling https://diarium.img-949 Unleash cache and minify skipped for bot : 217.113.194.5 crawling https://diarium.img-902 Unleash cache and minify skipped for bot : 217.113.194.242 crawling https://diarium.img-982 Unleash cache and minify skipped for bot : 217.113.194.203 crawling https://diarium.img-055021 Unleash cache and minify skipped for bot : 217.113.194.6 crawling https://diarium.img-090332 Unleash cache and minify skipped for bot : 217.113.194.9 crawling https://diarium.img-090444 Unleash cache and minify skipped for bot : 217.113.194.203 crawling https://diarium.img-062339 Unleash cache and minify skipped for bot : 217.113.194.10 crawling https://diarium.img-064434 Unleash cache and minify skipped for bot : 217.113.194.9 crawling https://diarium.img-074447 Unleash cache and minify skipped for bot : 217.113.194.242 crawling https://diarium.img-075719-1 Unleash cache and minify skipped for bot : 217.113.194.2 crawling https://diarium.img-070647-1 Unleash cache and minify skipped for bot : 217.113.194.242 crawling https://diarium.img-09_13_15 Unleash cache and minify skipped for bot : 217.113.194.242 crawling https://diarium.img-11_04_27 Unleash cache and minify skipped for bot : 217.113.194.9 crawling https://diarium.img-033108-1 Unleash cache and minify skipped for bot : 217.113.194.203 crawling https://diarium.img-030337-1 Unleash cache and minify skipped for bot : 217.113.194.203 crawling https://diarium.img-09_12_34

so what’s about the kiddy idea? was it one? it wasn’t – it was straight on point -organized large scale image theft – the AI comedians behind it, with shameless insolence, they call it harvesting …

cloud platforms like AWS provide the endless, elastic IP ranges that make this scale of distributed harvesting possible and affordable – it’s like a sweep robbery with a giant dragnet

The two-stage pattern is designed to look benign (“just browsing pages!”) until the second wave reveals the true intent. Politeness is the mask. Internet’s stupidity is th door

probably they have already succeeded on thousands, if not millions of websites, I was riding on that wave and watching, I gave them a crappy low res 300px wide 50% webp image to swallow – that actually was the satisfaction, they got what they deserved

trusting my good feelings I saw it coming, despite all smiles around me, I catched the wave, but it is still not that tsunami I am expecting, but it will come, so you still have time to protect your sites – but don’t wait too long

don’t get swallowed, be smart, switch to proactive mode and feed them the shit they deserve soon they are at your door …

meanwhile I keep watching my log, the message is clear, YOU entered my sovereignty, you get what I give you and go rob your mother …

[03-Feb-2026 08:18:26 Brazil/East] Unleash BOT NETS has a new member: 107.20.224 and got served :) [03-Feb-2026 08:18:34 Brazil/East] Unleash BOT NETS has a new member: 54.86.59 and got served :) [03-Feb-2026 08:18:37 Brazil/East] Unleash BOT NETS has a new member: 52.22.87 and got served :) [03-Feb-2026 08:19:06 Brazil/East] Unleash BOT NETS has a new member: 52.3.155 and got served :) [03-Feb-2026 08:19:14 Brazil/East] Unleash BOT NETS has a new member: 3.220.70 and got served :)
…

03/02/2026

latest wordpress attacker source list

1369 proven authentic sources and real allocated IP addresses

the following list of /24 nets with an average of 7 single IPs/subnet are running bots or rent shell accounts to run common known attempts against wordpress sites, this list is not copied from somewhere and we have documented detailed logs of attempts against OUR servers, they do not have reverse records and are not private personal computers

the attempts are wide spread, trying to get access wp-login.php, xmlrpc.php, known feed attempts, common backdoor and rootkit scans and a lot more, this is the list from december 25, you can block them and do not lose a thing, help cleaning up the web:

1.13.18 3.232.39 18.214.186 34.199.252 38.127.216 1.32.25 3.232.82 18.214.238 34.202.88 38.242.205 2.58.56 3.232.102 18.214.251 34.203.111 38.242.213 3.14.5 3.235.215 18.215.24 34.204.150 38.242.251 3.81.253 3.237.67 18.215.77 34.205.163 40.77.167 3.89.170 4.194.64 18.215.112 34.205.170 40.123.197 3.89.176 4.213.56 18.232.11 34.206.193 42.96.17 3.90.73 4.214.0 18.232.12 34.206.212 43.128.67 3.93.98 4.240.89 18.232.36 34.206.249 43.128.149 3.93.211 5.133.177 18.233.24 34.219.152 43.128.156 3.93.253 5.175.206 18.235.81 34.220.242 43.130.3 3.94.40 5.189.156 18.235.158 34.224.9 43.130.9 3.94.156 5.202.15 20.93.230 34.224.132 43.130.14 3.94.157 5.223.58 20.123.252 34.225.24 43.130.15 3.94.199 5.255.231 20.184.35 34.225.87 43.130.16 3.136.214 8.137.149 20.203.75 34.225.138 43.130.26 3.208.146 8.210.47 20.204.164 34.225.243 43.130.32 3.208.156 8.217.151 20.245.239 34.226.89 43.130.34 3.209.174 8.217.156 23.20.178 34.227.156 43.130.37 3.210.29 8.217.208 23.21.119 34.227.234 43.130.39 3.210.114 8.217.211 23.21.148 34.230.124 43.130.40 3.210.223 8.217.214 23.21.175 34.231.45 43.130.57 3.211.105 14.18.80 23.21.179 34.231.77 43.130.60 3.211.181 14.116.207 23.21.204 34.231.118 43.130.67 3.212.86 14.173.128 23.21.225 34.231.156 43.130.71 3.212.205 14.199.128 23.21.227 34.231.159 43.130.72 3.212.219 14.225.23 23.21.228 34.231.181 43.130.74 3.213.46 15.204.218 23.21.250 34.233.114 43.130.91 3.213.85 15.235.27 23.22.59 34.233.219 43.130.100 3.213.106 15.235.42 23.22.105 34.234.172 43.130.102 3.213.213 15.235.57 23.23.99 34.234.197 43.130.106 3.214.176 15.235.65 23.23.103 34.234.200 43.130.111 3.215.59 15.235.96 23.23.104 34.234.206 43.130.116 3.215.221 15.235.98 23.23.137 34.235.239 43.130.131 3.216.13 15.235.212 23.23.180 34.236.41 43.130.139 3.216.86 17.22.237 23.23.212 34.236.135 43.130.141 3.216.227 17.22.245 23.23.213 34.236.185 43.130.150 3.217.82 17.241.75 23.23.214 34.238.45 43.130.154 3.217.171 17.241.219 23.132.164 34.239.197 43.130.174 3.218.35 17.241.227 23.239.110 35.94.250 43.131.23 3.218.103 17.246.15 23.254.250 35.153.86 43.131.26 3.219.80 17.246.19 27.46.234 35.168.238 43.131.36 3.219.81 17.246.23 27.74.251 35.169.102 43.131.243 3.220.70 18.134.165 27.106.115 35.169.119 43.131.253 3.220.148 18.139.13 31.11.36 35.169.240 43.132.214 3.221.50 18.204.89 31.47.46 35.170.205 43.133.14 3.221.156 18.204.152 31.184.197 35.171.117 43.133.66 3.221.222 18.205.91 34.1.24 35.171.141 43.133.69 3.221.244 18.205.127 34.1.28 35.172.125 43.133.91 3.222.85 18.205.213 34.74.243 35.173.18 43.133.139 3.222.190 18.206.47 34.87.147 35.173.38 43.133.187 3.223.134 18.207.64 34.93.16 35.174.141 43.133.220 3.223.181 18.207.79 34.168.79 35.174.253 43.133.253 3.224.104 18.207.89 34.192.67 35.196.14 43.134.141 3.224.205 18.208.11 34.192.125 35.199.15 43.134.177 3.224.215 18.209.137 34.193.2 35.225.238 43.134.186 3.225.9 18.209.201 34.194.14 35.233.92 43.134.188 3.225.45 18.210.58 34.194.95 35.247.159 43.135.36 3.226.34 18.211.39 34.194.165 36.111.32 43.135.115 3.226.106 18.211.148 34.194.226 37.9.175 43.135.130 3.227.180 18.213.27 34.194.233 37.27.52 43.135.134 3.229.95 18.213.70 34.195.60 37.27.188 43.135.135 3.229.164 18.213.102 34.195.248 37.60.141 43.135.138 3.230.69 18.213.240 34.196.6 38.45.64 43.135.139 3.230.224 18.214.124 34.196.114 38.54.119 43.135.140 3.231.193 18.214.138 34.196.237 38.57.232 43.135.142 43.135.144 43.157.168 44.205.192 49.51.36 52.2.191 43.135.145 43.157.170 44.206.65 49.51.38 52.3.26 43.135.172 43.157.172 44.206.93 49.51.50 52.3.102 43.135.182 43.157.175 44.207.69 49.51.52 52.3.104 43.135.183 43.157.179 44.207.207 49.51.72 52.3.127 43.135.185 43.157.180 44.207.252 49.51.73 52.3.155 43.135.186 43.157.181 44.208.193 49.51.132 52.3.156 43.135.211 43.157.188 44.208.223 49.51.141 52.4.76 43.143.200 43.157.191 44.209.35 49.51.166 52.4.213 43.153.7 43.158.91 44.209.89 49.51.180 52.4.229 43.153.10 43.159.128 44.210.204 49.51.183 52.4.238 43.153.12 43.159.132 44.210.213 49.51.196 52.5.232 43.153.15 43.159.138 44.212.106 49.51.203 52.5.242 43.153.27 43.159.140 44.212.131 49.51.204 52.6.5 43.153.36 43.159.141 44.212.145 49.51.233 52.6.97 43.153.48 43.159.143 44.212.232 49.51.243 52.6.232 43.153.49 43.159.144 44.213.36 49.51.245 52.7.13 43.153.54 43.159.145 44.213.202 49.51.252 52.21.62 43.153.62 43.159.149 44.214.19 49.51.253 52.22.64 43.153.67 43.159.152 44.215.61 49.124.206 52.22.87 43.153.71 43.163.206 44.215.210 50.6.153 52.23.112 43.153.74 43.164.195 44.215.231 50.6.155 52.44.148 43.153.76 43.164.196 44.215.235 50.6.174 52.44.174 43.153.85 43.164.197 44.216.172 50.16.72 52.44.229 43.153.86 43.165.65 44.217.177 50.16.216 52.45.15 43.153.87 43.165.67 44.217.255 50.16.248 52.45.29 43.153.96 43.165.69 44.218.6 50.17.193 52.45.77 43.153.102 43.165.70 44.218.170 50.19.79 52.45.92 43.153.104 43.165.189 44.220.2 50.19.102 52.45.194 43.153.119 43.165.190 44.221.37 50.19.221 52.54.15 43.153.122 43.166.1 44.221.105 50.62.183 52.54.95 43.153.123 43.166.128 44.221.180 51.38.112 52.54.157 43.153.135 43.166.129 44.221.227 51.38.187 52.66.28 43.153.192 43.166.130 44.223.115 51.68.137 52.70.123 43.154.127 43.166.131 44.223.116 51.68.224 52.70.138 43.154.140 43.166.132 44.223.193 51.75.21 52.70.209 43.154.250 43.166.134 44.223.232 51.75.24 52.71.46 43.155.26 43.166.136 44.243.58 51.75.201 52.71.203 43.155.27 43.166.142 44.245.0 51.77.211 52.71.216 43.155.129 43.166.226 45.56.126 51.77.245 52.71.218 43.155.140 43.166.237 45.61.184 51.79.250 52.73.6 43.155.162 43.166.238 45.61.186 51.81.14 52.73.142 43.155.188 43.166.239 45.80.158 51.81.207 52.167.144 43.155.195 43.166.240 45.84.107 51.91.152 52.200.54 43.156.109 43.166.244 45.86.202 51.91.254 52.200.58 43.156.156 43.166.245 45.88.186 51.159.31 52.200.93 43.156.168 43.166.246 45.94.31 51.161.37 52.200.142 43.156.202 43.166.247 45.119.84 51.161.65 52.200.251 43.156.204 43.166.255 45.130.203 51.161.172 52.201.155 43.156.228 43.167.157 45.134.225 51.195.41 52.202.52 43.156.232 43.167.232 45.138.16 51.222.86 52.202.233 43.157.20 43.167.236 45.141.215 51.222.95 52.203.65 43.157.22 43.167.239 45.148.10 51.222.110 52.203.68 43.157.38 43.167.241 45.154.98 51.222.168 52.203.152 43.157.46 43.167.245 45.156.87 51.222.228 52.203.237 43.157.50 43.173.1 45.182.127 51.254.142 52.204.37 43.157.53 44.193.102 45.227.249 51.255.71 52.204.71 43.157.67 44.193.115 46.101.83 52.0.41 52.204.81 43.157.95 44.194.134 46.105.71 52.0.63 52.204.89 43.157.142 44.195.50 46.245.76 52.0.105 52.204.174 43.157.148 44.195.145 47.82.10 52.0.218 52.204.253 43.157.149 44.196.118 47.236.12 52.1.106 52.205.113 43.157.150 44.197.76 47.239.91 52.1.157 52.205.141 43.157.153 44.205.74 47.242.236 52.2.4 52.205.222 43.157.156 44.205.120 49.12.205 52.2.58 52.207.47 43.157.158 44.205.180 49.51.33 52.2.83 52.221.97 52.224.179 54.225.181 78.142.63 98.80.130 103.185.185 54.37.151 54.225.199 78.146.196 98.82.38 103.186.30 54.39.0 54.235.125 80.150.6 98.82.39 103.186.64 54.39.6 54.235.158 81.92.219 98.82.40 103.192.173 54.39.89 54.235.172 81.177.135 98.82.63 103.196.235 54.39.136 54.235.191 81.177.136 98.82.66 103.204.130 54.39.203 54.243.63 82.180.147 98.82.107 103.205.211 54.39.210 56.125.104 82.223.216 98.82.214 103.218.122 54.80.73 57.128.99 83.171.248 98.83.8 103.221.222 54.80.185 57.129.69 83.212.59 98.83.10 103.253.20 54.83.23 57.129.81 83.212.76 98.83.72 104.28.208 54.83.56 57.129.135 83.217.72 98.83.94 104.28.240 54.83.180 57.129.139 84.46.240 98.83.177 104.28.246 54.83.240 57.141.0 84.247.139 98.83.178 104.219.251 54.84.93 57.141.20 84.247.144 98.83.226 104.233.199 54.84.102 57.151.82 84.247.146 98.84.60 104.233.205 54.84.147 59.91.95 85.10.203 98.84.70 104.236.5 54.84.161 59.110.47 85.11.167 98.84.131 104.236.74 54.84.169 62.84.176 85.95.216 98.84.184 104.247.110 54.84.250 62.108.32 85.208.96 98.84.200 104.248.32 54.85.7 62.146.232 85.215.36 98.159.37 104.248.45 54.85.109 62.171.144 86.31.161 100.24.167 106.38.188 54.85.126 62.171.148 86.38.247 100.27.153 106.53.1 54.86.59 62.171.153 86.48.6 100.28.49 107.20.25 54.87.62 62.214.228 86.48.20 100.28.57 107.20.181 54.88.84 62.240.36 87.229.65 100.28.118 107.20.224 54.89.90 64.89.163 87.250.224 100.28.133 107.20.255 54.90.8 64.225.8 87.251.78 100.28.204 107.22.208 54.90.244 64.225.16 88.198.106 100.29.34 107.23.62 54.91.122 64.227.8 89.40.227 100.29.63 107.172.190 54.92.171 64.227.37 89.42.218 100.29.107 107.175.34 54.93.55 64.227.76 89.43.66 100.29.128 107.180.224 54.94.38 64.227.146 89.46.106 100.29.155 107.189.5 54.144.185 65.21.251 89.46.107 100.29.160 107.189.12 54.145.82 65.60.5 89.46.109 100.29.164 107.189.13 54.147.182 65.181.111 89.46.110 101.32.15 108.167.189 54.147.238 65.254.81 89.117.104 101.32.49 109.199.122 54.152.163 66.33.192 89.140.72 101.32.52 110.4.45 54.156.55 66.249.73 89.144.145 101.33.55 111.90.191 54.156.124 66.249.74 89.207.146 101.33.66 111.93.93 54.156.248 67.23.231 89.222.100 101.33.80 111.125.105 54.157.84 67.23.238 89.233.105 101.33.81 112.213.89 54.157.99 67.23.242 89.235.79 101.35.56 113.44.10 54.159.18 67.205.34 90.156.142 101.78.165 113.192.8 54.159.98 67.205.42 91.121.85 102.65.21 114.55.74 54.162.69 67.205.159 91.134.91 103.6.196 114.132.189 54.163.136 67.207.163 91.151.95 103.28.36 115.79.32 54.163.169 68.72.143 91.194.90 103.38.161 115.190.57 54.164.106 68.183.58 91.206.169 103.42.58 116.118.45 54.166.104 68.183.135 91.213.188 103.48.119 116.198.205 54.166.126 68.183.157 91.218.64 103.53.78 116.204.78 54.167.32 69.6.213 91.224.90 103.72.99 117.196.219 54.197.82 72.167.33 91.224.92 103.74.118 119.8.34 54.197.102 74.7.227 91.230.110 103.75.187 119.28.89 54.197.114 74.7.229 91.239.157 103.92.85 119.28.140 54.197.178 74.7.241 92.114.50 103.110.84 119.156.243 54.198.33 74.7.242 92.204.53 103.115.9 120.24.23 54.204.12 74.7.243 92.205.167 103.147.122 120.76.230 54.204.62 74.113.250 93.185.162 103.149.169 120.78.88 54.209.100 75.119.208 94.26.106 103.152.248 120.85.246 54.210.152 77.68.76 94.103.173 103.161.170 122.51.207 54.210.155 77.90.185 94.191.24 103.163.161 122.117.102 54.221.203 77.111.101 94.198.40 103.163.214 123.31.12 54.225.81 77.247.109 95.85.238 103.166.182 124.156.157 54.225.98 78.47.63 95.108.213 103.169.160 124.156.178 54.225.148 78.142.18 95.216.154 103.173.227 124.156.179 124.156.225 149.56.150 162.241.203 172.245.102 185.209.223 124.156.226 149.56.160 162.241.216 173.212.197 185.220.100 125.227.7 149.88.19 162.241.224 173.212.252 185.220.101 125.253.121 149.202.51 162.241.225 173.231.222 185.223.152 128.199.0 149.202.52 162.241.226 173.236.139 185.225.33 128.199.79 150.95.110 162.243.62 173.236.154 185.231.115 129.121.35 150.109.46 162.243.187 173.236.218 185.238.121 129.222.85 150.109.230 162.250.124 173.236.222 185.241.208 129.226.93 150.241.244 163.44.196 173.254.56 185.242.3 129.226.174 151.80.133 163.172.187 173.255.240 185.252.28 129.226.213 151.244.72 164.90.142 174.138.89 185.252.234 130.193.77 152.32.251 164.92.111 175.207.214 186.250.243 131.108.210 152.42.231 165.22.210 177.11.50 187.43.202 132.148.72 152.53.103 165.22.218 177.50.4 187.43.215 134.122.133 152.67.193 165.22.223 177.50.7 188.95.65 134.209.23 152.69.216 165.22.240 177.50.8 188.121.122 134.209.118 152.228.222 165.227.123 177.50.9 188.164.194 134.209.215 154.18.239 165.227.177 177.50.10 188.165.71 135.125.66 154.54.249 165.227.214 177.50.11 188.166.45 135.125.183 155.4.47 167.71.56 177.50.12 188.245.173 136.243.228 156.146.33 167.71.200 177.50.13 190.6.176 137.184.64 157.15.40 167.71.243 177.50.14 190.8.176 138.68.19 157.55.39 167.86.81 177.50.15 190.90.160 138.68.184 157.66.54 167.99.71 177.57.21 190.92.172 138.68.229 157.173.200 167.99.72 177.96.14 190.114.12 138.197.17 157.230.45 167.99.118 178.32.119 191.38.210 138.197.19 157.230.219 167.114.139 178.62.201 191.38.211 138.199.19 157.245.6 167.172.22 180.191.121 191.96.227 138.199.152 157.245.109 167.172.41 180.211.106 192.145.125 139.59.11 158.58.187 167.172.113 181.214.31 192.159.99 139.59.71 158.94.211 167.172.190 182.18.239 192.185.176 139.59.189 158.106.145 167.172.235 182.43.31 192.241.179 139.59.253 158.178.230 167.172.253 182.43.69 192.250.228 139.59.255 158.220.116 170.64.202 182.43.77 192.250.229 139.84.155 158.255.80 170.106.11 182.92.110 192.250.232 139.162.83 159.65.146 170.106.15 183.207.45 192.250.235 140.245.101 159.65.158 170.106.35 183.207.48 193.26.115 141.94.76 159.75.154 170.106.37 184.72.84 193.32.162 141.94.79 159.89.97 170.106.65 184.72.95 193.142.146 141.95.54 159.89.175 170.106.72 184.73.35 194.5.205 141.95.145 159.89.200 170.106.73 184.73.47 194.26.192 141.98.11 159.195.12 170.106.84 184.73.68 194.38.135 142.44.138 159.203.181 170.106.107 184.73.167 194.163.158 142.44.220 159.223.24 170.106.110 184.73.195 194.163.171 142.44.225 159.223.84 170.106.113 184.73.239 194.180.49 142.44.228 159.223.207 170.106.140 184.154.206 194.233.90 142.44.233 160.30.112 170.106.143 185.17.41 195.24.236 142.171.182 160.30.113 170.106.147 185.25.117 195.24.237 143.110.164 160.251.96 170.106.148 185.40.4 195.47.238 143.110.206 161.35.90 170.106.152 185.46.8 195.154.194 144.91.111 161.35.183 170.106.161 185.48.182 195.178.110 144.91.121 162.0.208 170.106.163 185.49.20 195.214.235 144.217.73 162.0.227 170.106.179 185.56.150 195.226.223 145.239.83 162.0.237 170.106.180 185.67.45 195.248.241 145.239.141 162.62.213 170.106.181 185.75.143 196.251.73 146.70.36 162.62.231 170.106.187 185.104.184 196.251.85 146.70.178 162.144.44 170.106.192 185.114.247 196.251.100 146.83.7 162.214.73 170.106.193 185.129.48 198.23.238 146.190.140 162.214.78 170.106.196 185.137.234 198.44.184 147.185.132 162.214.121 170.106.197 185.150.191 198.54.126 148.66.135 162.214.205 171.25.193 185.153.49 198.59.144 148.113.128 162.240.28 171.244.34 185.169.252 198.72.126 148.113.130 162.240.97 171.246.236 185.191.171 198.177.125 148.113.153 162.240.239 172.104.229 185.197.195 198.186.130 148.135.79 162.241.2 172.105.63 185.199.236 198.199.80 149.28.165 162.241.126 172.190.142 185.207.251 198.235.24 198.244.233 203.217.101 209.38.230 213.155.227 217.76.62 200.35.157 204.44.87 209.42.16 213.156.43 217.113.194 200.61.249 205.209.114 209.141.61 213.180.203 217.131.14 201.46.112 205.210.31 209.172.2 213.230.65 217.154.227 202.134.10 206.189.80 210.211.97 213.239.209 217.160.114 202.155.143 207.154.247 212.47.143 216.37.42 217.172.189 202.174.110 207.180.240 212.127.78 216.48.177 217.182.77 203.2.115 207.180.243 212.227.149 216.244.66 218.255.64 203.195.94 207.248.21 213.35.96 217.15.160 221.224.30 203.209.212 209.15.119 213.136.93 217.18.245

03/02/2026

ALERT! bulgarian hacker source net

owners:
Information related to ‘94.26.106.0 – 94.26.106.255’

Abuse contact for ‘94.26.106.0 – 94.26.106.255’ is ‘abuse@vmheaven.io’

inetnum:        94.26.106.0 – 94.26.106.255
netname:        IPV4
country:        DE
admin-c:        NA9207-RIPE
abuse-c:        AA45092-RIPE
tech-c:         NA9207-RIPE
status:         SUB-ALLOCATED PA
mnt-by:         lir-bg-telco-1-MNT
created:        2025-12-01T10:35:18Z
last-modified: 2025-12-08T10:53:36Z
source:         RIPE

role:           NOC
address:        BULGARIA
address:        Sofia
address:        1000
address:        2 Peter Beron Str
phone:          +359887888951
nic-hdl:        NA9207-RIPE
mnt-by:         lir-bg-telco-1-MNT
created:        2025-04-09T07:40:33Z
last-modified: 2025-04-09T07:40:34Z
source:         RIPE # Filtered

Information related to ‘94.26.106.0/24AS215607’

route:          94.26.106.0/24
origin:         AS215607
mnt-by:         lir-bg-telco-1-MNT
created:        2025-12-01T10:28:34Z
last-modified: 2025-12-01T10:28:34Z
source:         RIPE

02/02/2026

Category: wpHakka Threads