๐ฉ๐ช
Viveronese
2026-07-08 14:04:47
(2 minutes ago)
HTTP vulnerability scanning
Web App Attack
Anonymous
2026-07-08 14:02:26
(5 minutes ago)
Web attack
Bad Web Bot
Web App Attack
๐ฌ๐ท
setupgr
2026-07-08 13:59:03
(8 minutes ago)
(mod_security) mod_security (id:1000001) triggered by 20.197.60.102 (IN/India/Maharashtra/Pune/-/[AS ...
show more
(mod_security) mod_security (id:1000001) triggered by 20.197.60.102 (IN/India/Maharashtra/Pune/-/[AS8075 MICROSOFT-CORP-MSN-AS-BLOCK]): 1 in the last 86400 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Wed Jul 08 16:59:02.740544 2026] [security2:error] [pid 1841574:tid 1841612] [client 20.197.60.102:62325] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/wp-content/plugins/hellopress/wp_filemanager.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "103"] [id "1000001"] [msg "Bad file blocked: /wp-content/plugins/hellopress/wp_filemanager.php"] [severity "CRITICAL"] [tag "security"] [hostname "davids.gr"] [uri "/wp-content/plugins/hellopress/wp_filemanager.php"] [unique_id "ak5XplUHlSZdxs-ZMPWebwAAAAs"]
show less
Port Scan
๐ฎ๐ฉ
soc-yk
2026-07-08 13:54:12
(13 minutes ago)
Type: web_scanning
Risk: 100
Events: 267
Evidence:
- Automated hostile web probing detected
- Repea ...
show more
Type: web_scanning
Risk: 100
Events: 267
Evidence:
- Automated hostile web probing detected
- Repeated web scanning activity observed
- Multi-event operational persistence identified
- Threat escalation behavior observed
show less
Web App Attack
๐ฎ๐ณ
dineshskt4all
2026-07-08 13:50:17
(17 minutes ago)
[Wed Jul 08 13:50:12.906117 2026] [proxy_fcgi:error] [pid 3315998:tid 133423041517248] [client 20.19 ...
show more
[Wed Jul 08 13:50:12.906117 2026] [proxy_fcgi:error] [pid 3315998:tid 133423041517248] [client 20.197.60.102:0] AH01071: Got error 'Primary script unknown'
...
show less
Brute-Force
Anonymous
2026-07-08 13:47:48
(19 minutes ago)
(caddyscan) Scanner path probe from 20.197.60.102 (IN/India/-): 5 in the last 3600 secs; Ports: *; D ...
show more
(caddyscan) Scanner path probe from 20.197.60.102 (IN/India/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 20.197.60.102 - - [08/Jul/2026:13:15:55 +0000] "GET /wp-admin/css/bolt.php HTTP/1.1"
[REDACTED] 200 2627 20.197.60.102 - - [08/Jul/2026:13:19:35 +0000] "GET /wp-admin/css/colors/blue/about.php HTTP/1.1"
[REDACTED] 200 2627 20.197.60.102 - - [08/Jul/2026:13:32:26 +0000] "GET /wp-admin/css/bolt.php HTTP/1.1"
[REDACTED] 200 2627 20.197.60.102 - - [08/Jul/2026:13:35:24 +0000] "GET /wp-admin/css/colors/blue/about.php HTTP/1.1"
[REDACTED] 200 2627 20.197.60.102 - - [08/Jul/2026:13:47:44 +0000] "GET /wp-admin/css/colors/blue/about.php HTTP/1.1"
show less
Port Scan
๐ฉ๐ช
neckaralb-admin.de
2026-07-08 13:41:03
(26 minutes ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ฎ๐น
ciccio diddo
2026-07-08 13:41:02
(26 minutes ago)
URL Scanner multiple 30X port:Tcp/80,443
Brute-Force
Web App Attack
๐ง๐ท
Halux
2026-07-08 13:30:58
(36 minutes ago)
20.197.60.102 Probing protected path or service
Web App Attack
๐ณ๐ฑ
i-turnradio.nl
2026-07-08 13:29:20
(38 minutes ago)
2026-07-08 @ 15:29:19 (CET) ~ Blocked for trying to access: /wp-content/plugins/hellopress/wp_filema ...
show more
2026-07-08 @ 15:29:19 (CET) ~ Blocked for trying to access: /wp-content/plugins/hellopress/wp_filemanager.php
show less
Web App Attack
๐บ๐ธ
convos
2026-07-08 13:21:28
(46 minutes ago)
HONEYPOT TRIGGERED [HP-MRC3WMQH-4GMTII]: GET /wp-content/plugins/hellopress/wp_filemanager.php on hq ...
show more
HONEYPOT TRIGGERED [HP-MRC3WMQH-4GMTII]: GET /wp-content/plugins/hellopress/wp_filemanager.php on hq.it-solutionsusa.com | UA: unknown | TS: 2026-07-08T13:21:28.601Z
show less
Port Scan
Web App Attack
๐ฌ๐ง
poundawebsiteltd
2026-07-08 13:21:02
(46 minutes ago)
Malicious activity in general-malicious. Evidence: (apache_probe) Failed Access (403/404) 20.197.60. ...
show more
Malicious activity in general-malicious. Evidence: (apache_probe) Failed Access (403/404) 20.197.60.102 (IN/India/-): 20 in the last 3600 secs | UA: (apache_probe) Failed Access (403/404) 20.197.60.102 (IN/India/-): 20 in the last 3600 secs
show less
Brute-Force
Web App Attack
๐ฉ๐ช
on-com
2026-07-08 13:11:23
(56 minutes ago)
URL scan
Brute-Force
Web App Attack
๐บ๐ธ
oralunal
2026-07-08 13:10:10
(57 minutes ago)
IP banned by Fail2Ban in jail its-suss access.log mvfnds
...
Bad Web Bot
Web App Attack
Anonymous
2026-07-08 13:04:22
(1 hour ago)
20.197.60.102 - - [08/Jul/2026:15:04:18 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ...
show more
20.197.60.102 - - [08/Jul/2026:15:04:18 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 440 "-" "-"
20.197.60.102 - - [08/Jul/2026:15:04:18 +0200] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 440 "-" "-"
20.197.60.102 - - [08/Jul/2026:15:04:18 +0200] "GET /bpsoe.php HTTP/1.1" 404 440 "-" "-"
20.197.60.102 - - [08/Jul/2026:15:04:18 +0200] "GET /bxodh.php HTTP/1.1" 404 440 "-" "-"
20.197.60.102 - - [08/Jul/2026:15:04:19 +0200] "GET /ojgup.php HTTP/1.1" 404 440 "-" "-"
20.197.60.102 - - [08/Jul/2026:15:04:19 +0200] "GET /oocnp.php HTTP/1.1" 404 440 "-" "-"
20.197.60.102 - - [08/Jul/2026:15:04:19 +0200] "GET /sletj.php HTTP/1.1" 404 440 "-" "-"
20.197.60.102 - - [08/Jul/2026:15:04:20 +0200] "GET /sump1.php HTTP/1.1" 404 440 "-" "-"
20.197.60.102 - - [08/Jul/2026:15:04:20 +0200] "GET /yjdit.php HTTP/1.1" 404 440 "-" "-"
20.197.60.102 - - [08/Jul/2026:15:04:20 +0200] "GET /wp-blink.php HTTP/1.1" 404 440 "-" "-"
20.197.60.102 - - [08/Jul/2026:15:04:20 +0200] "
...
show less
Bad Web Bot
Web App Attack