๐บ๐ธ
kadour
2026-07-10 19:27:59
(13 hours ago)
[Fri Jul 10 14:27:57.030104 2026] [proxy_fcgi:error] [pid 2725:tid 2867] [client 185.192.71.140:2682 ...
show more
[Fri Jul 10 14:27:57.030104 2026] [proxy_fcgi:error] [pid 2725:tid 2867] [client 185.192.71.140:26829] AH01071: Got error 'Primary script unknown', referer: http://ravenloft.net/ms-themes.php
[Fri Jul 10 14:27:57.431097 2026] [proxy_fcgi:error] [pid 2725:tid 2872] [client 185.192.71.140:26829] AH01071: Got error 'Primary script unknown', referer: http://azalin.ravenloft.net/chosen.php?p=
[Fri Jul 10 14:27:57.738104 2026] [proxy_fcgi:error] [pid 2725:tid 2873] [client 185.192.71.140:26829] AH01071: Got error 'Primary script unknown', referer: http://azalin.ravenloft.net/file.php
[Fri Jul 10 14:27:57.988832 2026] [proxy_fcgi:error] [pid 2725:tid 2870] [client 185.192.71.140:26829] AH01071: Got error 'Primary script unknown', referer: http://ravenloft.net/flower.php
[Fri Jul 10 14:27:58.211814 2026] [proxy_fcgi:error] [pid 2725:tid 2877] [client 185.192.71.140:26829] AH01071: Got error 'Primary script unknown', referer: http://azalin.ravenloft.net/gifclass.php#888xyz999
...
show less
Web App Attack
๐บ๐ธ
kosada.com
2026-07-10 16:20:52
(16 hours ago)
Web vulnerability probing: /bless.php
Web App Attack
๐ฎ๐น
VHosting
2026-07-10 02:20:04
(1 day ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ฎ๐ณ
evicky2002
2026-06-29 10:48:52
(1 week ago)
Confirmed malicious by STILWaters CTI platform (score=100, sources=1)
Hacking
Brute-Force
SSH
๐ฎ๐ณ
evicky2002
2026-06-29 04:52:15
(1 week ago)
Confirmed malicious by STILWaters CTI platform (score=100, sources=1)
Hacking
Brute-Force
SSH
๐บ๐ธ
ambor
2026-06-25 04:55:17
(2 weeks ago)
Honeypot access: WordPress installation path scan. Path: /wp-includes/
Brute-Force
Web App Attack
๐ฌ๐ง
Oakley
2026-06-17 08:03:29
(3 weeks ago)
(confirmed_bot_sig) Confirmed bot
Hacking
๐ธ๐ช
nekopavel
2026-05-13 15:43:54
(1 month ago)
185.192.71.140 - - [13/May/2026:17:43:50 +0200]"GET / HTTP/2.0" 200 51556"https://reze.moe/wp-admin/ ...
show more
185.192.71.140 - - [13/May/2026:17:43:50 +0200]"GET / HTTP/2.0" 200 51556"https://reze.moe/wp-admin/admin-ajax.php" mishashto.com "Go-http-client/2.0""0.005" "0.000""London" "GB"
185.192.71.140 - - [13/May/2026:17:43:50 +0200]"GET / HTTP/2.0" 200 51556"https://reze.moe/wp-content/plugins/hellopress/wp_mna.php" mishashto.com "Go-http-client/2.0""0.005" "0.000""London" "GB"
185.192.71.140 - - [13/May/2026:17:43:51 +0200]"GET / HTTP/2.0" 200 51556"https://reze.moe/wp-admin/css/index.php" mishashto.com "Go-http-client/2.0""0.013" "0.001""London" "GB"
...
show less
Hacking
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-05-09 18:47:18
(2 months ago)
Excessive multi-domain requests
Brute-Force
๐ณ๐ฑ
Site.eu
2026-05-08 14:48:43
(2 months ago)
Excessive multi-domain requests
Brute-Force
๐ฉ๐ช
LRob
2026-05-07 10:00:06
(2 months ago)
Repeated 403 errors, blocked by Fail2ban in custom-403 jail
Bad Web Bot
๐ฌ๐ง
consul.to
2026-05-07 08:43:28
(2 months ago)
Web attack/malicious scanning detected
Web App Attack
๐ฌ๐ง
Mendip_Defender
2026-05-07 03:03:17
(2 months ago)
185.192.71.140 - - [07/May/2026:04:03:14 +0100] "GET /.trash7206/index.php HTTP/1.1" 301 162 "-" "Mo ...
show more
185.192.71.140 - - [07/May/2026:04:03:14 +0100] "GET /.trash7206/index.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95"
185.192.71.140 - - [07/May/2026:04:03:14 +0100] "GET /storage/framework/views/core.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"
185.192.71.140 - - [07/May/2026:04:03:14 +0100] "GET /wp-content/plugins/filester/assets/css/404.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36 OPR/70.0.3728.95"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-06 16:59:53
(2 months ago)
(mod_security) mod_security (id:240000) triggered by 185.192.71.140 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240000) triggered by 185.192.71.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 12:59:48.582980 2026] [security2:error] [pid 18996:tid 18996] [client 185.192.71.140:0] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "87"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||ipv6.easy-byte.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "ipv6.easy-byte.net"] [uri "/images/stories/themes.php"] [unique_id "aftzhLwrKQasl5eOOc365gAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-05-06 13:19:59
(2 months ago)
Excessive multi-domain requests
Brute-Force