๐ฉ๐ช
maxpower
2026-07-08 00:28:11
(2 days ago)
(backdoor_scan) REGOLA 7 - Backdoor Scan Attempt 64.89.162.167 (US/United States/-): 2 in the last 3 ...
show more
(backdoor_scan) REGOLA 7 - Backdoor Scan Attempt 64.89.162.167 (US/United States/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 64.89.162.167 - - [08/Jul/2026:02:28:07 +0200] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 404 55215 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" "64.89.162.167" host=www.cgilchieti.it
64.89.162.167 - - [08/Jul/2026:02:28:08 +0200] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 404 55215 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" "64.89.162.167" host=www.cgilchieti.it
show less
Port Scan
๐ซ๐ท
dynamix
2026-07-07 23:43:35
(2 days ago)
Multiple WAF Violations
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-07 22:35:23
(3 days ago)
Brute-Force
Web App Attack
๐บ๐ธ
agenciahypelab.com.br
2026-07-07 22:11:33
(3 days ago)
WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER
Brute-Force
SSH
๐บ๐ธ
antlac1
2026-07-07 22:00:42
(3 days ago)
crowdsecurity/http-bad-user-agent
Brute-Force
Web App Attack
๐ฏ๐ต
S.O.B.A. Dev.
2026-07-07 21:28:41
(3 days ago)
Web vulnerability scanning
Brute-Force
Web Spam
Web App Attack
๐บ๐ธ
Major Hostility
2026-07-07 20:42:29
(3 days ago)
"POST /wp-plain.php HTTP/1.1" 404
"GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 404
"POST /ALF ...
show more
"POST /wp-plain.php HTTP/1.1" 404
"GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 404
"POST /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 404
"GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 404
show less
Web App Attack
๐บ๐ธ
nationaleventpros.com
2026-07-07 20:12:59
(3 days ago)
vulnerability scan
Web App Attack
๐ฉ๐ช
todix
2026-07-07 15:29:47
(3 days ago)
Web App Attack Exploid from 64.89.162.167
Web App Attack
๐ซ๐ท
LRob
2026-07-07 15:00:33
(3 days ago)
CrowdSec: crowdsecurity/http-bad-user-agent | req: ["/wp-content/themes/seotheme/db.php?u","/ALFA_DA ...
show more
CrowdSec: crowdsecurity/http-bad-user-agent | req: ["/wp-content/themes/seotheme/db.php?u","/ALFA_DATA/alfacgiapi/perl.alfa"] | UA: ["Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/53
show less
Bad Web Bot
๐ณ๐ฑ
CryptoYakari
2026-07-07 14:48:48
(3 days ago)
64.89.162.167 - - [07/Jul/2026:17:48:41 +0300] "POST /wp-plain.php HTTP/1.0" 404 531 "www.google.com ...
show more
64.89.162.167 - - [07/Jul/2026:17:48:41 +0300] "POST /wp-plain.php HTTP/1.0" 404 531 "www.google.com" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
64.89.162.167 - - [07/Jul/2026:17:48:41 +0300] "GET /vbkjnmvj.php?Fox=d3wL7 HTTP/1.0" 404 531 "www.google.com" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
64.89.162.167 - - [07/Jul/2026:17:48:41 +0300] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.0" 404 3515 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
64.89.162.167 - - [07/Jul/2026:17:48:41 +0300] "GET /wp-content/plugins/fix/up.php HTTP/1.0" 404 3515 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85
...
show less
Web Spam
Blog Spam
Web App Attack
Bad Web Bot
๐ณ๐ฑ
BlueWire Hosting
2026-07-07 13:18:19
(3 days ago)
Bad bot ignoring robot.txt
Bad Web Bot
๐ฆ๐บ
2000cn.com.au
2026-07-07 12:01:36
(3 days ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent
Web App Attack
Bad Web Bot
๐ช๐ธ
netfactotum
2026-07-07 09:05:43
(3 days ago)
Hacking
Web App Attack
๐ฎ๐ฉ
soc-yk
2026-07-07 07:18:13
(3 days ago)
Type: web_scanning
Risk: 70
Events: 78
Evidence:
- Automated hostile web probing detected
- Repeate ...
show more
Type: web_scanning
Risk: 70
Events: 78
Evidence:
- Automated hostile web probing detected
- Repeated web scanning activity observed
- Multi-event operational persistence identified
- Threat escalation behavior observed
show less
Web App Attack