๐ฉ๐ช
LRob
2026-03-04 12:15:10
(4 months ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
๐บ๐ธ
TheMadBeaker
2026-03-04 11:47:10
(4 months ago)
Fail2Ban - HTTP Exploit Attempt
Brute-Force
Web App Attack
Anonymous
2026-03-04 08:38:29
(4 months ago)
185.192.71.167 - - [04/Mar/2026:08:38:24 +0000] "GET /wp-content/themes/index.php HTTP/1.1" 404 1251 ...
show more
185.192.71.167 - - [04/Mar/2026:08:38:24 +0000] "GET /wp-content/themes/index.php HTTP/1.1" 404 12517 "https://www.magicball.net//wp-content/themes/index.php" "Go-http-client/1.1"
185.192.71.167 - - [04/Mar/2026:08:38:25 +0000] "GET /wp-content/themes/admin.php HTTP/1.1" 404 9188 "https://www.magicball.net//wp-content/themes/admin.php" "Go-http-client/1.1"
185.192.71.167 - - [04/Mar/2026:08:38:25 +0000] "GET /wp-includes/Text/about.php HTTP/1.1" 404 9188 "https://www.magicball.net//wp-includes/T
...
show less
Web App Attack
๐ณ๐ฟ
Tripwire
2026-03-03 19:52:14
(4 months ago)
Scanning for backup files
Web App Attack
๐บ๐ธ
mnsf
2026-02-23 01:05:18
(4 months ago)
Too many Status 40X (11)
Brute-Force
Web App Attack
๐ณ๐ฟ
Antinson
2026-02-11 09:37:55
(5 months ago)
Scraping with a high error ratio and request rate
Bad Web Bot
๐ซ๐ท
dynamix
2026-02-11 01:14:18
(5 months ago)
Multiple WAF Violations
Web App Attack
๐ณ๐ฑ
Redeco Hosting
2026-02-10 22:30:08
(5 months ago)
Failed login attempt detected by Fail2Ban in plesk-wordpress jail
Exploited Host
๐บ๐ธ
TPI-Abuse
2026-02-10 20:47:06
(5 months ago)
(mod_security) mod_security (id:240000) triggered by 185.192.71.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240000) triggered by 185.192.71.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 10 15:46:29.874942 2026] [security2:error] [pid 28297:tid 28297] [client 185.192.71.167:26657] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "87"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||www.deltad.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "www.deltad.net"] [uri "/images/stories/themes.php"] [unique_id "aYuZJYIITjyC5a5buZzgHwAAADc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
myagent.site
2026-02-04 21:04:56
(5 months ago)
Blocking for trying to access an exploit file: /vendor/phpunit/phpunit/src/Util/PHP/
Hacking
Anonymous
2026-02-04 20:32:42
(5 months ago)
[redacted] 185.192.71.167 - - [04/Feb/2026:21:29:54 +0100] "GET /wp-admin/css/colors/blue/index.php ...
show more
[redacted] 185.192.71.167 - - [04/Feb/2026:21:29:54 +0100] "GET /wp-admin/css/colors/blue/index.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36"
[redacted] 185.192.71.167 - - [04/Feb/2026:21:29:55 +0100] "GET /wp-admin/css/colors/ocean/about.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36"
[redacted] 185.192.71.167 - - [04/Feb/2026:21:29:55 +0100] "GET /wp-admin/css/colors/midnight/install.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3"
[redacted] 185.192.71.167 - - [04/Feb/2026:21:29:56 +0100] "GET /wp-admin/mah.php HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0"
[redacted] 185.192.71.167 - - [04/Feb/2026:21:29:56 +0100] "GET /wp-admi
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-04 20:22:21
(5 months ago)
(mod_security) mod_security (id:240000) triggered by 185.192.71.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240000) triggered by 185.192.71.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 04 15:22:12.817107 2026] [security2:error] [pid 3995613:tid 3995720] [client 185.192.71.167:28215] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||certifiedeconomist.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "certifiedeconomist.com"] [uri "/images/stories/themes.php"] [unique_id "aYOqdGJtYQhXiF4mPhO08wAAANI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-02-03 02:40:05
(5 months ago)
185.192.71.167 - - [03/Feb/2026:04:40:04 +0200] "GET /wp-content/languages/wp-conflg.php HTTP/1.1" 4 ...
show more
185.192.71.167 - - [03/Feb/2026:04:40:04 +0200] "GET /wp-content/languages/wp-conflg.php HTTP/1.1" 404 279 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
185.192.71.167 - - [03/Feb/2026:04:40:04 +0200] "GET /wp-content/themes/classwithtostring.php HTTP/1.1" 404 279 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36"
...
show less
Web App Attack
๐ณ๐ฟ
Antinson
2026-02-02 10:22:55
(5 months ago)
Scraping with a high error ratio and request rate
Bad Web Bot
๐ซ๐ท
dynamix
2026-02-01 22:20:38
(5 months ago)
Multiple WAF Violations
Web App Attack