๐ฒ๐ฝ
octageeks.com
2026-07-07 04:21:44
(44 minutes ago)
Wordpress malicious attack:[octaflood]
Web App Attack
๐ซ๐ท
mrcrassi
2026-07-05 20:02:02
(1 day ago)
Triggered Cloudflare WAF (firewallCustom) from CA.
Action taken: BLOCK
Protocol: HTTP/2 (POST method ...
show more
Triggered Cloudflare WAF (firewallCustom) from CA.
Action taken: BLOCK
Protocol: HTTP/2 (POST method)
Endpoint: /wp-login.php
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Safari/605.1.15
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฌ๐ท
setupgr
2026-07-04 07:22:39
(2 days ago)
(wplogin_block) Blocked WP-Login Access Attempt 65.111.21.242 (BR/Brazil/Sรยฃo Paulo/Sรยฃo Paulo/-/[AS ...
show more
(wplogin_block) Blocked WP-Login Access Attempt 65.111.21.242 (BR/Brazil/Sรยฃo Paulo/Sรยฃo Paulo/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 65.111.21.242 - - [04/Jul/2026:10:20:18 +0300] "POST /wp-login.php HTTP/1.1" 200 4892 "https://fashionfragonard.gr/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:119.0) Gecko/20100101 Firefox/119.0"
show less
Port Scan
๐ท๐ด
INTEQ
2026-07-01 19:06:28
(5 days ago)
Web attack from 65.111.21.242
Web App Attack
๐ณ๐ฟ
billyborsht
2026-07-01 15:35:31
(5 days ago)
2026-07-02T03:35:31.172864+12:00 southern wordpress(abrahamic.nz)[1835878]: Authentication attempt f ...
show more
2026-07-02T03:35:31.172864+12:00 southern wordpress(abrahamic.nz)[1835878]: Authentication attempt for unknown user administrator from 65.111.21.242
...
show less
Hacking
Web App Attack
๐ฌ๐ท
setupgr
2026-06-30 23:32:40
(6 days ago)
(wplogin_block) Blocked WP-Login Access Attempt 65.111.21.242 (BR/Brazil/Sรยฃo Paulo/Sรยฃo Paulo/-/[AS ...
show more
(wplogin_block) Blocked WP-Login Access Attempt 65.111.21.242 (BR/Brazil/Sรยฃo Paulo/Sรยฃo Paulo/-/[AS200373 DREI-K-TECH-GMBH]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 65.111.21.242 - - [01/Jul/2026:02:29:40 +0300] "POST /wp-login.php HTTP/1.1" 200 3171 "https://asteriassantorini.com/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1; rv:120.0) Gecko/20100101 Firefox/120.0"
show less
Port Scan
๐ฒ๐น
Malta
2026-06-29 08:57:53
(1 week ago)
65.111.21.242 - - [29/Jun/2026:10:57:53 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linu ...
show more
65.111.21.242 - - [29/Jun/2026:10:57:53 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
๐ฒ๐ฝ
octageeks.com
2026-06-29 04:13:34
(1 week ago)
Wordpress malicious attack:[octaflood]
Web App Attack
๐ฒ๐น
Malta
2026-06-28 08:44:27
(1 week ago)
65.111.21.242 - - [28/Jun/2026:10:44:27 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh ...
show more
65.111.21.242 - - [28/Jun/2026:10:44:27 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:119.0) Gecko/20100101 Firefox/119.0"
show less
Hacking
Web App Attack
VPN IP
๐ฉ๐ช
abdubhai
2026-05-25 12:58:51
(1 month ago)
65.111.21.242 - - [25/May/2026:1
...
Brute-Force
๐บ๐ธ
TPI-Abuse
2025-12-27 21:23:38
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.21.242 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.21.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 16:23:34.093744 2025] [security2:error] [pid 13135:tid 13135] [client 65.111.21.242:13197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iuriscorpabc.com"] [uri "/.svn/wc.db"] [unique_id "aVBOVhVweef29o292zzkRAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-27 19:53:25
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.21.242 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.21.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 14:53:20.989959 2025] [security2:error] [pid 21443:tid 21443] [client 65.111.21.242:32329] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "swampoodlegrounds.com"] [uri "/.env"] [unique_id "aVA5MH5PAGONCodaKt0kJwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
iNetWorker
2025-12-27 19:04:06
(6 months ago)
trolling for resource vulnerabilities
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-27 18:51:00
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 65.111.21.242 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 65.111.21.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 27 13:50:52.216090 2025] [security2:error] [pid 4422:tid 4490] [client 65.111.21.242:50141] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alexanderwarnow.com"] [uri "/.git/HEAD"] [unique_id "aVAqjFQ5-grWCIeNbCphLQAAAMs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-01 23:36:28
(8 months ago)
(mod_security) mod_security (id:225170) triggered by 65.111.21.242 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 65.111.21.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 01 19:36:25.866014 2025] [security2:error] [pid 24043:tid 24043] [client 65.111.21.242:55683] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||srossi.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "srossi.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aQaZeRWBi8XCK1Vp-xmYCgAAABM"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack