Anonymous
2026-07-07 23:57:53
(30 minutes ago)
[Wed Jul 08 01:57:44.405735 2026] [proxy_fcgi:error] [pid 18672:tid 18705] [client 85.203.21.237:449 ...
show more
[Wed Jul 08 01:57:44.405735 2026] [proxy_fcgi:error] [pid 18672:tid 18705] [client 85.203.21.237:44953] AH01071: Got error 'Primary script unknown', referer: http://www.akcurate.de/wp-content/themes/404.php
[Wed Jul 08 01:57:46.589721 2026] [proxy_fcgi:error] [pid 18672:tid 18724] [client 85.203.21.237:44953] AH01071: Got error 'Primary script unknown', referer: http://www.akcurate.de/wp-content/plugins/hello.php
[Wed Jul 08 01:57:47.594343 2026] [proxy_fcgi:error] [pid 18672:tid 18711] [client 85.203.21.237:44953] AH01071: Got error 'Primary script unknown', referer: http://www.akcurate.de/index/function.php
[Wed Jul 08 01:57:48.791193 2026] [proxy_fcgi:error] [pid 18672:tid 18710] [client 85.203.21.237:44953] AH01071: Got error 'Primary script unknown', referer: http://www.akcurate.de/log.php
[Wed Jul 08 01:57:52.113845 2026] [proxy_fcgi:error] [pid 18672:tid 18721] [client 85.203.21.237:44953] AH01071: Got error 'Primary script unknown', referer: http://www.akcurate.de/bolt.php
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 10:28:38
(13 hours ago)
(mod_security) mod_security (id:210492) triggered by 85.203.21.237 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 85.203.21.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 06:28:32.410721 2026] [security2:error] [pid 24856:tid 24856] [client 85.203.21.237:44499] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tortoisehosting.com"] [uri "/wp-includes/wp-config.php"] [unique_id "akzU0OlOpjF4R5u2bBYFLgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
todix
2026-07-07 09:51:07
(14 hours ago)
Web App Attack Exploid from 85.203.21.237
Web App Attack
๐ซ๐ท
masterguru
2026-07-07 08:43:04
(15 hours ago)
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-195)
show less
Bad Web Bot
Anonymous
2026-07-07 01:45:18
(22 hours ago)
85.203.21.237 - - [06/Jul/2026:22:45:10 -0300] "GET /wp-includes/blocks/archives/ HTTP/2.0" 404 146 ...
show more
85.203.21.237 - - [06/Jul/2026:22:45:10 -0300] "GET /wp-includes/blocks/archives/ HTTP/2.0" 404 146 "https://topvitrine.com.br/wp-includes/blocks/archives/" "Go-http-client/2.0"
85.203.21.237 - - [06/Jul/2026:22:45:16 -0300] "GET /wp-includes/blocks/pullquote/ HTTP/2.0" 404 146 "https://topvitrine.com.br/wp-includes/blocks/pullquote/" "Go-http-client/2.0"
85.203.21.237 - - [06/Jul/2026:22:45:17 -0300] "GET /wp-admin.php HTTP/2.0" 404 146 "https://topvitrine.com.br/wp-admin.php" "Go-http-client/2.0"
...
show less
Port Scan
๐ง๐ช
cmbplf
2026-07-05 23:49:44
(2 days ago)
496 requests with url.path *config.php
Brute-Force
Bad Web Bot
Anonymous
2026-07-05 10:58:52
(2 days ago)
85.203.21.237 - - [05/Jul/2026:12:58:46 +0200] "GET /wp-content/simple.php HTTP/1.1" 404 28145 "-" " ...
show more
85.203.21.237 - - [05/Jul/2026:12:58:46 +0200] "GET /wp-content/simple.php HTTP/1.1" 404 28145 "-" "Go-http-client/1.1"
85.203.21.237 - - [05/Jul/2026:12:58:46 +0200] "GET /wp-content/simple.php HTTP/1.1" 404 5706 "-" "Go-http-client/1.1"
85.203.21.237 - - [05/Jul/2026:12:58:48 +0200] "GET /wp-includes/sodium_compat/namespaced/Core/ HTTP/1.1" 404 28145 "-" "Go-http-client/1.1"
85.203.21.237 - - [05/Jul/2026:12:58:48 +0200] "GET /wp-includes/sodium_compat/namespaced/Core/ HTTP/1.1" 404 5706 "-" "Go-http-client/1.1"
85.203.21.237 - - [05/Jul/2026:12:58:52 +0200] "GET /wp-content/themes/about.php HTTP/1.1" 404 28145 "-" "Go-http-client/1.1"
...
show less
Brute-Force
Web App Attack
๐ช๐ธ
masterguru
2026-07-05 09:30:01
(2 days ago)
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-122)
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-05 04:15:31
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 85.203.21.237 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 85.203.21.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 00:15:28.089233 2026] [security2:error] [pid 23458:tid 23458] [client 85.203.21.237:38571] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "roguetechtalks.com"] [uri "/wp-includes/images/wp-config.php"] [unique_id "aknaYCJS3qbBQJBkHlltnwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 22:08:00
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 85.203.21.237 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 85.203.21.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 18:07:54.345008 2026] [security2:error] [pid 25370:tid 25370] [client 85.203.21.237:41713] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rootsofwellnessayurveda.com"] [uri "/wp-content/wp-config.php"] [unique_id "akmEOjCIXKOAY1pAkTF4PwAAADg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-04 21:24:23
(3 days ago)
Banned by Fail2Ban on server
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 17:33:06
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 85.203.21.237 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 85.203.21.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 13:33:00.228923 2026] [security2:error] [pid 4547:tid 4547] [client 85.203.21.237:63621] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lajoze.com"] [uri "/wp-includes/images/wp-config.php"] [unique_id "aklDzGowTy73Ee4hOahLaAAAABo"], referer: http://lajoze.com/wp-includes/images/wp-config.php
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-04 17:23:55
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-04 16:50:32
(3 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 17:46:01
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 85.203.21.237 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 85.203.21.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 13:45:54.721556 2026] [security2:error] [pid 22240:tid 22240] [client 85.203.21.237:50485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nihlabs.org"] [uri "/wp-content/uploads/wp-config.php"] [unique_id "akf1UrfAzT2XhEQEfBNqNAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack