Anonymous
2026-07-01 05:32:02
(2 days ago)
Banned by Fail2Ban on server
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-10 18:54:57
(3 weeks ago)
Excessive 404/403 errors
Brute-Force
๐ซ๐ท
Octopuce
2026-06-10 16:14:45
(3 weeks ago)
Aggressive web search of vulnerable pages: /wp-admin/images/admin.php /wp-includes/theme-compat/abou ...
show more
Aggressive web search of vulnerable pages: /wp-admin/images/admin.php /wp-includes/theme-compat/about.php /about/function.php /wp-includes/Requ ...
show less
Web App Attack
๐ฌ๐ง
consul.to
2026-06-10 11:38:49
(3 weeks ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-08 19:06:42
(3 weeks ago)
185.192.16.5 - - [08/Jun/2026:22:06:41 +0300] "GET /wp-admin/css/colors/ocean/ HTTP/1.1" 404 725 "-" ...
show more
185.192.16.5 - - [08/Jun/2026:22:06:41 +0300] "GET /wp-admin/css/colors/ocean/ HTTP/1.1" 404 725 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:75.0) Gecko/20100101 Firefox/75.0"
185.192.16.5 - - [08/Jun/2026:22:06:41 +0300] "GET /wp-content/plugins/dummyyummy/ HTTP/1.1" 404 725 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36"
...
show less
Web App Attack
๐ซ๐ท
masterguru
2026-05-18 06:48:15
(1 month ago)
Bad bot detected via UA blacklist. Matched phrase "go-http-client" at REQUEST_HEADERS:user-agent. (7 ...
show more
Bad bot detected via UA blacklist. Matched phrase "go-http-client" at REQUEST_HEADERS:user-agent. (780210-133)
show less
Hacking
๐ณ๐ฑ
Site.eu
2026-05-03 09:59:06
(2 months ago)
Excessive 404/403 errors
Brute-Force
๐บ๐ฆ
URAN Publishing Service
2026-04-12 16:35:23
(2 months ago)
185.192.16.5 - - [12/Apr/2026:19:35:22 +0300] "GET /cgi-bin/ HTTP/1.1" 404 477 "-" "Mozilla/5.0 (Win ...
show more
185.192.16.5 - - [12/Apr/2026:19:35:22 +0300] "GET /cgi-bin/ HTTP/1.1" 404 477 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95"
185.192.16.5 - - [12/Apr/2026:19:35:22 +0300] "GET /wp-admin/js/ HTTP/1.1" 404 706 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3626.121 Safari/537.36"
...
show less
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-04-08 23:38:20
(2 months ago)
Unauthorized access to webpage admin
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-13 20:34:07
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 185.192.16.5 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 185.192.16.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 13 16:34:00.971410 2026] [security2:error] [pid 2808:tid 2808] [client 185.192.16.5:25101] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bwill.dev|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bwill.dev"] [uri "/backup/backup.sql"] [unique_id "abR0uF4oI-upEHWkzHCx5QAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Penny Packer
2026-03-11 02:37:42
(3 months ago)
Fail2Ban apache-tripwires
Web App Attack
๐ซ๐ท
dynamix
2026-03-01 21:54:35
(4 months ago)
Multiple WAF Violations
Web App Attack
๐ซ๐ท
Octopuce
2026-03-01 18:40:19
(4 months ago)
Aggressive web search of vulnerable pages: /wp-admin/css/colors/blue/rk2.php /images/class-config.ph ...
show more
Aggressive web search of vulnerable pages: /wp-admin/css/colors/blue/rk2.php /images/class-config.php /components/com_jea/views/form/tmpl/size. ...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-27 07:10:00
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 185.192.16.5 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 185.192.16.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 27 02:09:55.804026 2026] [security2:error] [pid 5190:tid 5190] [client 185.192.16.5:34781] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bitcoinsquaretrade.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcoinsquaretrade.com"] [uri "/old/backup.sql"] [unique_id "aaFDQ0sHV88Gy1dO3rPlPwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
pinguin
2026-02-25 07:49:08
(4 months ago)
Triggered Cloudflare WAF (linkMaze) from IE.
Action taken: LINK_MAZE_INJECTED
Protocol: HTTP/2 (HEAD ...
show more
Triggered Cloudflare WAF (linkMaze) from IE.
Action taken: LINK_MAZE_INJECTED
Protocol: HTTP/2 (HEAD method)
Endpoint: /old/mysql.sql
UA: Empty string
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot