π§πͺ
cmbplf
2026-07-06 10:34:23
(1 day ago)
19.476 requests with url.path //xmlrpc.php
17.575 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
πΊπΈ
agenciahypelab.com.br
2026-07-06 09:04:37
(1 day ago)
WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2026-07-06 08:49:12
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 8.235.119.67 (67.119.235.8.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 8.235.119.67 (67.119.235.8.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 04:49:05.899722 2026] [security2:error] [pid 6091:tid 6091] [client 8.235.119.67:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cloudex.click|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cloudex.click"] [uri "/wp-json/wp/v2/users/"] [unique_id "aktsAQkvtbgNyihlo_razQAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
netclix.gr
2026-07-06 08:17:10
(1 day ago)
(wordpress) Failed wordpress login from 8.235.119.67 (US/United States/67.119.235.8.bc.googleusercon ...
show more
(wordpress) Failed wordpress login from 8.235.119.67 (US/United States/67.119.235.8.bc.googleusercontent.com): (CF_ENABLE)
show less
Brute-Force
π©πͺ
todix
2026-07-06 07:15:53
(1 day ago)
Web App Attack Exploid from 8.235.119.67
Web App Attack
πΊπΈ
Victor LΓ³pez
2026-07-06 07:05:59
(1 day ago)
reparaya.com.co 8.235.119.67 - - [06/Jul/2026:02:05:54 -0500] "GET //xmlrpc.php?rsd HTTP/1.1" 200 32 ...
show more
reparaya.com.co 8.235.119.67 - - [06/Jul/2026:02:05:54 -0500] "GET //xmlrpc.php?rsd HTTP/1.1" 200 3205 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
reparaya.com.co 8.235.119.67 - - [06/Jul/2026:02:05:58 -0500] "POST //xmlrpc.php HTTP/1.1" 405 552 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
reparaya.com.co 8.235.119.67 - - [06/Jul/2026:02:05:59 -0500] "POST //xmlrpc.php HTTP/1.1" 405 552 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36"
...
show less
Hacking
Web App Attack
π³π±
homeshowdomain.nl
2026-06-27 22:03:12
(1 week ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-26.
show less
Web App Attack
SSH
Hacking
πΊπΈ
mnsf
2026-06-26 03:07:39
(1 week ago)
Scanning/Probing (66)
Brute-Force
Web App Attack
π³π±
Site.eu
2026-06-26 01:42:34
(1 week ago)
Excessive 404/403 errors
Brute-Force
π©πͺ
rh24
2026-06-25 23:20:32
(1 week ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 8.235.119.67 (US/Uni ...
show more
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 8.235.119.67 (US/United States/67.119.235.8.bc.googleusercontent.com)
show less
Bad Web Bot
Anonymous
2026-06-25 23:01:55
(1 week ago)
(mod_security) mod_security triggered on hostname [redacted])
SQL Injection
π³π±
Savvii
2026-06-25 19:32:11
(1 week ago)
15 attempts against mh-modsecurity-ban on pf102957
Brute-Force
Web App Attack
π³π΄
Abuse Buster
2026-06-25 15:13:19
(1 week ago)
8.235.119.67 - - [25/Jun/2026:17:13:16 +0200] "GET /.env.local HTTP/1.1" 404 22 "-" "Mozilla/5.0 (Wi ...
show more
8.235.119.67 - - [25/Jun/2026:17:13:16 +0200] "GET /.env.local HTTP/1.1" 404 22 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/66.0.3359.139 Safari/537.36"
8.235.119.67 - - [25/Jun/2026:17:13:16 +0200] "GET /.env.qa HTTP/1.1" 404 22 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/77.0.3865.35 Safari/537.36"
8.235.119.67 - - [25/Jun/2026:17:13:16 +0200] "GET /.env.template HTTP/1.1" 404 22 "-" "Mozilla/5.0 (X11; U; Linux i686; en-US) AppleWebKit/532.8 (KHTML, like Gecko) Chrome/4.0.277.0 Safari/532.8"
8.235.119.67 - - [25/Jun/2026:17:13:17 +0200] "GET /.env~ HTTP/1.1" 404 22 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/36.0.1985.125 Safari/537.36"
...
show less
Web App Attack
π«π·
dynamix
2026-06-25 14:39:53
(1 week ago)
Multiple WAF Violations
Web App Attack
π³π±
Savvii
2026-06-25 14:12:12
(1 week ago)
20 attempts against mh-misbehave-ban on mist
Brute-Force
Bad Web Bot
Web App Attack