๐ซ๐ท
SpaceHost-Server
2026-06-20 22:30:41
(1 week ago)
Brute-Force
Web App Attack
๐ง๐ช
taivas.nl
2026-06-20 04:32:33
(1 week ago)
Many_bad_calls
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-06-19 22:30:21
(1 week ago)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 07:25:57
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 35.232.136.4 (4.136.232.35.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 35.232.136.4 (4.136.232.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 03:25:49.679570 2026] [security2:error] [pid 10756:tid 10756] [client 35.232.136.4:64596] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||staging.justicehoward.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "staging.justicehoward.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajTu_X9AW7TEgynwzKK8WgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-06-19 07:18:00
(2 weeks ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐ณ๐ฑ
Savvii
2026-06-19 07:17:00
(2 weeks ago)
15 attempts against mh-modsecurity-ban on staging2
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-06-19 07:05:32
(2 weeks ago)
Too many Status 40X (12)
Brute-Force
Web App Attack
๐ท๐บ
andrey volobuev
2026-06-19 07:02:28
(2 weeks ago)
[19/Jun/2026:10:02:25 +0300] - - 301 - GET http ss-dev.bebesh.ru "/" [Client 35.232.136.4] [Length 1 ...
show more
[19/Jun/2026:10:02:25 +0300] - - 301 - GET http ss-dev.bebesh.ru "/" [Client 35.232.136.4] [Length 166] [Gzip -] [Sent-to ss-dev.lan] "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "-"
[19/Jun/2026:10:02:26 +0300] - 404 404 - GET https ss-dev.bebesh.ru "//feed/" [Client 35.232.136.4] [Length 334] [Gzip -] [Sent-to ss-dev.lan] "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "-"
[19/Jun/2026:10:02:26 +0300] - 404 404 - GET https ss-dev.bebesh.ru "//xmlrpc.php?rsd" [Client 35.232.136.4] [Length 334] [Gzip -] [Sent-to ss-dev.lan] "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" "-"
[19/Jun/2026:10:02:26 +0300] - 404 404 - GET https ss-dev.bebesh.ru "//blog/wp-includes/wlwmanifest.xml" [Client 35.232.136.4] [Length 334] [Gzip -] [Sent-to ss-dev.lan] "Mozilla/5.0 (Windows NT 10.0; Win64;
...
show less
Brute-Force
Web App Attack
๐ง๐ช
taivas.nl
2026-06-19 07:02:11
(2 weeks ago)
Bad_requests
Bad Web Bot
๐ฌ๐ง
pinguin
2026-06-19 06:53:29
(2 weeks ago)
Triggered Cloudflare WAF (linkMaze) from US.
Action taken: LINK_MAZE_INJECTED
Protocol: HTTP/1.1 (GE ...
show more
Triggered Cloudflare WAF (linkMaze) from US.
Action taken: LINK_MAZE_INJECTED
Protocol: HTTP/1.1 (GET method)
Endpoint: //test/wp-includes/wlwmanifest.xml
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-19 06:49:56
(2 weeks ago)
(mod_security) mod_security (id:225170) triggered by 35.232.136.4 (4.136.232.35.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 35.232.136.4 (4.136.232.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 02:49:49.069613 2026] [security2:error] [pid 30945:tid 30945] [client 35.232.136.4:53296] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.splashstation.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.splashstation.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajTmjYh12ehH1nRtiSZagwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Mundo Bueno
2026-06-19 06:49:11
(2 weeks ago)
[ISILIA Protection v2.1] Tentative d'accรจs: //wp-includes/id3/license.txt | Pays: US | UA: Mozilla/5 ...
show more
[ISILIA Protection v2.1] Tentative d'accรจs: //wp-includes/id3/license.txt | Pays: US | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69
show less
Hacking
Web App Attack
๐ต๐ฑ
strefapi_com
2026-06-19 06:46:45
(2 weeks ago)
Brute-force, web
...
Hacking
Brute-Force
Web App Attack
๐ฉ๐ช
LRob
2026-06-19 06:45:05
(2 weeks ago)
Repeated 404 errors, blocked by Fail2ban in custom-404 jail
Bad Web Bot
๐จ๐ญ
Origon
2026-06-19 06:42:53
(2 weeks ago)
http-probing - IP: 35.232.136.4 - time="2026-06-19T08:42:53+02:00" level=info msg="(555f66b4f6a7455 ...
show more
http-probing - IP: 35.232.136.4 - time="2026-06-19T08:42:53+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 35.232.136.4 (US/396982) : 4h ban on Ip 35.232.136.4" module=db
show less
Web App Attack