Anonymous
2026-07-07 01:49:00
(19 hours ago)
85.203.21.239 - - [06/Jul/2026:22:48:44 -0300] "GET /wp-content/themes/fukasawa/inc/classes/403x.php ...
show more
85.203.21.239 - - [06/Jul/2026:22:48:44 -0300] "GET /wp-content/themes/fukasawa/inc/classes/403x.php HTTP/1.1" 301 162 "-" "Go-http-client/1.1"
85.203.21.239 - - [06/Jul/2026:22:48:54 -0300] "GET /wp-includes/blocks/comments-pagination-numbers/ HTTP/1.1" 301 162 "-" "Go-http-client/1.1"
85.203.21.239 - - [06/Jul/2026:22:48:59 -0300] "GET /wp-includes/block-bindings/ HTTP/1.1" 301 162 "-" "Go-http-client/1.1"
...
show less
Port Scan
π«π·
masterguru
2026-07-06 21:31:54
(23 hours ago)
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-195)
show less
Bad Web Bot
π©πͺ
FeG Deutschland
2026-07-05 15:31:35
(2 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-05 13:06:53
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 85.203.21.239 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 85.203.21.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 09:06:49.636941 2026] [security2:error] [pid 9098:tid 9098] [client 85.203.21.239:21915] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rotentendales.com"] [uri "/wp-content/wp-config.php"] [unique_id "akpW6aoc6S5sijd6_xeoGwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-05 11:02:26
(2 days ago)
85.203.21.239 - - [05/Jul/2026:13:02:24 +0200] "GET /wp-includes/js/admin.php HTTP/1.1" 404 28145 "- ...
show more
85.203.21.239 - - [05/Jul/2026:13:02:24 +0200] "GET /wp-includes/js/admin.php HTTP/1.1" 404 28145 "-" "Go-http-client/1.1"
85.203.21.239 - - [05/Jul/2026:13:02:24 +0200] "GET /wp-includes/js/admin.php HTTP/1.1" 404 5706 "-" "Go-http-client/1.1"
85.203.21.239 - - [05/Jul/2026:13:02:24 +0200] "GET /wp-includes/init.php HTTP/1.1" 404 28145 "-" "Go-http-client/1.1"
85.203.21.239 - - [05/Jul/2026:13:02:24 +0200] "GET /wp-includes/init.php HTTP/1.1" 404 5706 "-" "Go-http-client/1.1"
85.203.21.239 - - [05/Jul/2026:13:02:25 +0200] "GET /wp-content/uploads/redux/config.php HTTP/1.1" 404 28145 "-" "Go-http-client/1.1"
...
show less
Brute-Force
Web App Attack
πͺπΈ
masterguru
2026-07-05 09:21:58
(2 days ago)
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-122)
show less
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-07-05 04:19:51
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 85.203.21.239 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 85.203.21.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 00:19:46.505528 2026] [security2:error] [pid 9549:tid 9549] [client 85.203.21.239:29499] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rohanbyles.com.au"] [uri "/wp-includes/wp-config.php"] [unique_id "aknbYolMMKYlrmLu4cKsHgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
homeshowdomain.nl
2026-07-04 22:00:22
(2 days ago)
Auto-ban: 14 malicious requests on 2026-07-03 (e.g., env/backup probes, brute-force, or error bursts ...
show more
Auto-ban: 14 malicious requests on 2026-07-03 (e.g., env/backup probes, brute-force, or error bursts).
show less
Web App Attack
SSH
Hacking
Anonymous
2026-07-04 21:23:07
(2 days ago)
Banned by Fail2Ban on server
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-04 17:29:26
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 85.203.21.239 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 85.203.21.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 13:29:19.205952 2026] [security2:error] [pid 30843:tid 30843] [client 85.203.21.239:51251] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lajoze.com"] [uri "/wp-content/uploads/wp-config.php"] [unique_id "aklC7_i4Bm_zKwNnxib_aQAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-07-04 03:47:10
(3 days ago)
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-196)
show less
Bad Web Bot
π§πͺ
cmbplf
2026-07-03 14:50:40
(4 days ago)
479 requests with url.path *config.php
Brute-Force
Bad Web Bot
π«π·
masterguru
2026-07-03 13:50:42
(4 days ago)
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-195)
show less
Bad Web Bot
Anonymous
2026-07-03 07:25:06
(4 days ago)
Banned by Fail2Ban on server
Web App Attack
π©πͺ
Viveronese
2026-07-02 13:03:56
(5 days ago)
HTTP vulnerability scanning
Web App Attack