πΊπΈ
masterguru
2026-07-08 17:59:52
(1 day ago)
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-147)
show less
Bad Web Bot
π©πͺ
maxpower
2026-07-08 16:30:56
(1 day ago)
(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 185.198.243.91 (GB/United Kingdom/-): 1 in th ...
show more
(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 185.198.243.91 (GB/United Kingdom/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 185.198.243.91 - - [08/Jul/2026:18:30:52 +0200] "GET /000.php HTTP/1.1" 301 283 "-" "Go-http-client/1.1" "-" host=poderedellatorre.it
show less
Port Scan
π¬π·
setupgr
2026-07-08 13:33:22
(1 day ago)
(mod_security) mod_security (id:1000001) triggered by 185.198.243.91 (GB/United Kingdom/England/Houn ...
show more
(mod_security) mod_security (id:1000001) triggered by 185.198.243.91 (GB/United Kingdom/England/Hounslow/-/[AS62240 CLOUVIDER Clouvider - Global ASN]): 1 in the last 86400 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Wed Jul 08 16:33:20.851171 2026] [security2:error] [pid 1878109:tid 1878214] [client 185.198.243.91:58159] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/000.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "103"] [id "1000001"] [msg "Bad file blocked: /000.php"] [severity "CRITICAL"] [tag "security"] [hostname "pankoskal.gr"] [uri "/000.php"] [unique_id "ak5RoJBzmFIMUtva0hpR-AAAAVU"]
show less
Port Scan
πΊπΈ
EGP Abuse Dept
2026-05-20 02:02:02
(1 month ago)
forum signup bot
Web Spam
Blog Spam
Web App Attack
πΊπΈ
2k11.co.za
2026-03-17 13:07:29
(3 months ago)
185.198.243.91 - - [17/Mar/2026:09:07:13 -0400] "GET /wp-signup.php HTTP/1.1" 404 555 "-" "Mozilla/5 ...
show more
185.198.243.91 - - [17/Mar/2026:09:07:13 -0400] "GET /wp-signup.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36"
185.198.243.91 - - [17/Mar/2026:09:07:29 -0400] "GET /wp-admin.php HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0"
...
show less
Brute-Force
π«π·
Octopuce
2026-03-17 09:30:14
(3 months ago)
Aggressive web search of vulnerable pages: /wp-includes/block-patterns/autoload_classmap.php /wp-con ...
show more
Aggressive web search of vulnerable pages: /wp-includes/block-patterns/autoload_classmap.php /wp-content/uploads/wp.php /wp-includes/certificat ...
show less
Web App Attack
π©πͺ
ps-center
2026-03-16 00:04:12
(3 months ago)
C1: Web Attack GET /wp-login.php
GET /wp-admin/
Web Spam
Hacking
Bad Web Bot
Web App Attack
π«π·
mrcrassi
2026-03-13 08:19:23
(3 months ago)
Triggered Cloudflare WAF (firewallCustom) from GB.
Action taken: BLOCK
Protocol: HTTP/1.1 (POST meth ...
show more
Triggered Cloudflare WAF (firewallCustom) from GB.
Action taken: BLOCK
Protocol: HTTP/1.1 (POST method)
Endpoint: /wp-login.php
UA: Mozilla/5.0
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
π«π·
dynamix
2026-02-10 20:41:38
(4 months ago)
Multiple WAF Violations
Web App Attack
π¬π§
pinguin
2026-02-03 09:36:13
(5 months ago)
Triggered Cloudflare WAF (linkMaze) from GB.
Action taken: LINK_MAZE_INJECTED
Protocol: HTTP/2 (HEAD ...
show more
Triggered Cloudflare WAF (linkMaze) from GB.
Action taken: LINK_MAZE_INJECTED
Protocol: HTTP/2 (HEAD method)
Endpoint: /bak/public_html.tar
UA: Empty string
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-01-30 05:34:07
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 185.198.243.91 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 185.198.243.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 30 00:34:02.823546 2026] [security2:error] [pid 20628:tid 20628] [client 185.198.243.91:46155] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||asiabeef.network|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "asiabeef.network"] [uri "/backups/wallet.dat"] [unique_id "aXxCyhwnO-l3lf4RhC57FgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³πΏ
Antinson
2025-12-16 17:20:50
(6 months ago)
Scraping with a high error ratio and request rate
Bad Web Bot
πΊπΈ
TPI-Abuse
2025-12-16 06:12:23
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 185.198.243.91 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 185.198.243.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 16 01:12:16.903554 2025] [security2:error] [pid 20509:tid 20509] [client 185.198.243.91:30611] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ultratecnologia.com"] [uri "/.env"] [unique_id "aUD4QGl-D0JkROEbs7r6vwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π§πͺ
cmbplf
2025-12-15 20:03:12
(6 months ago)
7.461 4xx requests in 1 hour (2w6d22h)
Brute-Force
Bad Web Bot
πΊπΈ
myagent.site
2025-12-12 11:04:11
(6 months ago)
Blocking for trying to access an exploit file: /.env
Hacking