๐บ๐ธ
xmission.com
2026-07-08 10:56:59
(16 hours ago)
Blocked by UFW (TCP on 51413)
Source port: 38125
TTL: 48
Packet length: 60
TOS: 0x08
This report (f ...
show more
Blocked by UFW (TCP on 51413)
Source port: 38125
TTL: 48
Packet length: 60
TOS: 0x08
This report (for 185.141.119.47) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐ซ๐ท
matthieul.dev
2026-06-26 21:40:24
(1 week ago)
Blocked by os-abuseipdb; 18 hits, proto=tcp,udp, ports=30906
Port Scan
Brute-Force
๐ฉ๐ช
Vegascosmetics
2026-06-14 14:04:07
(3 weeks ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after error-handler fuzzing. Vegas Security
Hacking
Exploited Host
Web App Attack
Anonymous
2026-06-13 21:38:04
(3 weeks ago)
185.141.119.47 - - [14/Jun/2026:06:38:02 +0900] "GET / HTTP/1.1" 403 458 "-" "l9tcpid/v1.1.0"
185.14 ...
show more
185.141.119.47 - - [14/Jun/2026:06:38:02 +0900] "GET / HTTP/1.1" 403 458 "-" "l9tcpid/v1.1.0"
185.141.119.47 - - [14/Jun/2026:06:38:02 +0900] "GET /.env HTTP/1.1" 403 458 "-" "l9explore/1.2.2"
185.141.119.47 - - [14/Jun/2026:06:38:03 +0900] "GET /info.php HTTP/1.1" 403 458 "-" "l9explore/1.2.2"
...
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-13 21:29:34
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 185.141.119.47 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 185.141.119.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 17:29:29.477359 2026] [security2:error] [pid 17089:tid 17113] [client 185.141.119.47:39716] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.79"] [uri "/.env"] [unique_id "ai3LuWymT7KLPX1FTkfBHAAAAJY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-02 21:09:48
(1 month ago)
Aggressive web scan
Web App Attack
Anonymous
2026-05-30 21:59:49
(1 month ago)
Malicious activity detected
Hacking
Web App Attack
๐ช๐ธ
el-brujo
2026-05-23 09:41:21
(1 month ago)
Cloudflare WAF: Request Path: /programacion_visual_basic/leer_archivo_civ-t179854.10.html Request Qu ...
show more
Cloudflare WAF: Request Path: /programacion_visual_basic/leer_archivo_civ-t179854.10.html Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36 Action: managed_challenge Source: firewallCustom ASN Description: HostRoyale Technologies Pvt Ltd Country: US Method: GET Timestamp: 2026-05-23T09:41:21Z ruleId: 0d02bf0901634311802a66d604909a6a. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB).
show less
Hacking
SQL Injection
Web App Attack
๐ซ๐ท
GabrielJST
2026-05-20 22:40:59
(1 month ago)
*Port Scan* detected from 185.141.119.47 (US/United States/-).
Port Scan
๐ฒ๐พ
Rizzy
2026-05-17 22:47:38
(1 month ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ซ๐ท
MatStef132
2026-05-17 18:03:44
(1 month ago)
MatShield L7: blocked on mathost.eu (ua-quarantined)
Bad Web Bot
๐ฌ๐ง
consul.to
2026-05-15 00:28:30
(1 month ago)
Web attack/malicious scanning detected
Web App Attack
Anonymous
2026-05-06 13:19:09
(2 months ago)
185.141.119.47 - - [06/May/2026:15:19:02 +0200] "POST /wp-login.php HTTP/1.0" 200 3433 "https://geos ...
show more
185.141.119.47 - - [06/May/2026:15:19:02 +0200] "POST /wp-login.php HTTP/1.0" 200 3433 "https://geosynczambia.site/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36"
185.141.119.47 - - [06/May/2026:15:19:04 +0200] "POST /wp-login.php HTTP/1.1" 200 2907 "https://geosynczambia.site/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36"
185.141.119.47 - - [06/May/2026:15:19:04 +0200] "POST /wp-login.php HTTP/1.0" 200 3433 "https://geosynczambia.site/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
185.141.119.47 - - [06/May/2026:15:19:06 +0200] "POST /wp-login.php HTTP/1.1" 200 2907 "https://geosynczambia.site/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
185.141.119.47 - - [06/May/2
...
show less
Brute-Force
Web App Attack
๐ฌ๐ง
consul.to
2026-05-01 01:31:22
(2 months ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-28 21:23:00
(2 months ago)
(mod_security) mod_security (id:240335) triggered by 185.141.119.47 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 185.141.119.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 28 17:22:53.393348 2026] [security2:error] [pid 492:tid 492] [client 185.141.119.47:39208] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 185.141.119.47 (+1 hits since last alert)|velocitymech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "velocitymech.com"] [uri "/xmlrpc.php"] [unique_id "afElLX61AtObSiZW0dFK_wAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack