๐ฉ๐ช
macrob
2026-07-14 10:47:46
(7 minutes ago)
2026/07/14 10:47:44 [error] 3379132#3379132: *375386004 access forbidden by rule, client: 185.242.3. ...
show more
2026/07/14 10:47:44 [error] 3379132#3379132: *375386004 access forbidden by rule, client: 185.242.3.189, server: binixo.com.ar, request: "GET /wp-content/plugins/fix/up.php HTTP/2.0", host: "binixo.com.ar"
2026/07/14 10:47:44 [error] 3379132#3379132: *375386005 access forbidden by rule, client: 185.242.3.189, server: binixo.com.ar, request: "GET /wp-content/themes/seotheme/db.php?u HTTP/2.0", host: "binixo.com.ar", referrer: "www.google.com"
2026/07/14 10:47:44 [error] 3379132#3379132: *375386001 access forbidden by rule, client: 185.242.3.189, server: binixo.com.ar, request: "GET /wp-content/themes/seotheme/db.php?u HTTP/2.0", host: "binixo.com.ar", referrer: "www.google.com"
...
show less
Web App Attack
๐บ๐ธ
antlac1
2026-07-14 10:43:17
(12 minutes ago)
crowdsecurity/http-wordpress-scan
Brute-Force
Web App Attack
๐ง๐ฌ
HighWay
2026-07-14 05:32:49
(5 hours ago)
185.242.3.189 - - [14/Jul/2026:05:32:47 +0000] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 4 ...
show more
185.242.3.189 - - [14/Jul/2026:05:32:47 +0000] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 404 69004 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
185.242.3.189 - - [14/Jul/2026:05:32:47 +0000] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 67022 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36"
185.242.3.189 - - [14/Jul/2026:05:32:47 +0000] "POST /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 404 67843 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
...
show less
Port Scan
Bad Web Bot
๐ณ๐ฑ
WeCloudit-Anti-Abuse
2026-07-14 03:12:50
(7 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent
Web App Attack
Bad Web Bot
๐ซ๐ท
ELYAZ
2026-07-14 01:44:42
(9 hours ago)
(y3) Failed access -byebye- from 185.242.3.189 (-): (CF_ENABLE)
Hacking
๐บ๐ธ
agenciahypelab.com.br
2026-07-14 00:53:22
(10 hours ago)
WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER
Brute-Force
SSH
Anonymous
2026-07-14 00:47:32
(10 hours ago)
185.242.3.189 - - [14/Jul/2026:08:47:29 +0800] "POST /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 404 4 ...
show more
185.242.3.189 - - [14/Jul/2026:08:47:29 +0800] "POST /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 404 47509 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
185.242.3.189 - - [14/Jul/2026:08:47:30 +0800] "POST /alfacgiapi/perl.alfa HTTP/1.1" 404 39515 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
185.242.3.189 - - [14/Jul/2026:08:47:30 +0800] "POST /alfacgiapi/perl.alfa HTTP/1.1" 404 39515 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
185.242.3.189 - - [14/Jul/2026:08:47:30 +0800] "GET /wp-content/plugins/apikey/apikey.php.suspected?test=hello HTTP/1.1" 404 47509 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
Major Hostility
2026-07-14 00:39:19
(10 hours ago)
"GET /wp-content/plugins/fix/up.php HTTP/1.1" 404
"GET /wp-content/themes/seotheme/db.php?u HTTP/1.1 ...
show more
"GET /wp-content/plugins/fix/up.php HTTP/1.1" 404
"GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 404
"POST /wp-plain.php HTTP/1.1" 404
"POST /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 404
"GET /wojmucce.php?Fox=d3wL7 HTTP/1.1" 404
"POST /alfacgiapi/perl.alfa HTTP/1.1" 404
"GET /wp-content/plugins/apikey/apikey.php?test=hello HTTP/1.1" 404
"POST /wp-plain.php HTTP/1.1" 404
"GET /sesekjbx.php?Fox=d3wL7 HTTP/1.1" 404
"GET /plugins/content/apismtp/apismtp.php?test=hello HTTP/1.1" 404
show less
Web App Attack
๐ณ๐ฑ
0xffffffff
2026-07-14 00:28:33
(10 hours ago)
[2026-07-14 03:28:31.922640] [authz_core:error] [pid 286049:tid 124364065531584] [client 185.242.3.1 ...
show more
[2026-07-14 03:28:31.922640] [authz_core:error] [pid 286049:tid 124364065531584] [client 185.242.3.189:0] AH01630: client denied by server configuration: /var/www/*/wp-content/plugins/fix , error_notes:wp:include-files , URI:'/wp-content/plugins/fix/up.php'
[2026-07-14 03:28:31.925557] [authz_core:error] [pid 286049:tid 124364241974976] [client 185.242.3.189:0] AH01630: client denied by server configuration: /var/www/*/wp-content/themes/seotheme, referer www.google.com , error_notes:wp:include-files , URI:'/wp-content/themes/seotheme/db.php?u'
[2026-07-14 03:28:31.926322] [authz_core:error] [pid 286049:tid 124364233582272] [client 185.242.3.189:0] AH01630: client denied by server configuration: /var/www/*/wp-plain.php, referer www.google.com , error_notes:missing-php , URI:'/wp-plain.php'
[2026-07-14 03:28:31.925557] [authz_core:error] [pid 286049:tid 124364241974976] [client 185.242.3.189:0] AH01630: client denied by server configuration: /var/www/*/wp-content/themes/seotheme, referer www.google.com , error_
show less
Web App Attack
Bad Web Bot
๐ซ๐ท
SpaceHost-Server
2026-07-13 22:28:35
(12 hours ago)
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-07-13 21:25:50
(13 hours ago)
Multiple WAF Violations
Web App Attack
๐ฌ๐ง
relianoid.com
2026-07-13 21:03:47
(13 hours ago)
404 Errors Abuse detected by Relianoid OSS Load Balancer - relianoid.com
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-13 20:58:49
(13 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack
Anonymous
2026-07-13 15:57:01
(18 hours ago)
185.242.3.189 - - [13/Jul/2026:23:56:55 +0800] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 138 ...
show more
185.242.3.189 - - [13/Jul/2026:23:56:55 +0800] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 13849 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36"
185.242.3.189 - - [13/Jul/2026:23:56:56 +0800] "GET /wp-content/plugins/apikey/apikey.php?test=hello HTTP/1.1" 404 13849 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
185.242.3.189 - - [13/Jul/2026:23:56:56 +0800] "GET /wp-content/plugins/apikey/apikey.php?test=hello HTTP/1.1" 404 13849 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
185.242.3.189 - - [13/Jul/2026:23:56:59 +0800] "GET /plugins/content/apismtp/apismtp.php?test=hello HTTP/1.1" 404 13849 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, lik
...
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
maxpower
2026-07-13 12:57:54
(21 hours ago)
(backdoor_scan) REGOLA 7 - Backdoor Scan Attempt 185.242.3.189 (-): 1 in the last 3600 secs; Ports: ...
show more
(backdoor_scan) REGOLA 7 - Backdoor Scan Attempt 185.242.3.189 (-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 185.242.3.189 - - [13/Jul/2026:14:57:49 +0200] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 301 305 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" "185.242.3.189" host=villapardi.it
show less
Port Scan