๐ณ๐ฑ
homeshowdomain.nl
2026-07-07 21:59:22
(6 days ago)
Auto-ban: >3000 req/min op 2026-07-07
Web App Attack
SSH
Hacking
๐ง๐ช
cmbplf
2026-07-07 19:39:05
(6 days ago)
251 requests with url.path */wp-content/plugins/hellopress/wp_filemanager.php
238 requests with ur ...
show more
251 requests with url.path */wp-content/plugins/hellopress/wp_filemanager.php
238 requests with url.path /phpinfo.php
235 requests with url.path *phpinfo.php
214 requests with url.path *config.php
show less
Brute-Force
Bad Web Bot
๐ง๐ช
cmbplf
2026-07-07 19:22:41
(6 days ago)
9.296 requests in 1 hour (3mos1w5d)
Brute-Force
Bad Web Bot
๐บ๐ธ
mnsf
2026-07-07 19:05:23
(6 days ago)
Too many Status 40X (20)
Brute-Force
Web App Attack
๐ณ๐ฑ
middelkoopcc
2026-07-07 18:59:09
(6 days ago)
2026-07-07 20:42:38 [client 20.24.195.139:7700] AH01276: Cannot serve directory /<redacted>/wp-inclu ...
show more
2026-07-07 20:42:38 [client 20.24.195.139:7700] AH01276: Cannot serve directory /<redacted>/wp-includes/PHPMailer/: No matching DirectoryIndex (index.php) found, and server-generated directory index forbidden by Options directive && 2026-07-07 20:42:41 [client 20.24.195.139:7700] AH01276: Cannot serve directory /<redacted>/wp-content/uploads/: No matching DirectoryIndex (index.php) found, and server-generated directory index forbidden by Options directive && 2026-07-07 20:51:51 [client 20.24.195.139:4070] AH01071: Got error 'Primary script unknown' && 91 more within 20 minutes
show less
Web App Attack
๐จ๐ฆ
Mediashaker
2026-07-07 18:51:52
(6 days ago)
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 20.24.195.139 (HK/Hong K ...
show more
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 20.24.195.139 (HK/Hong Kong/-)
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-07 18:50:43
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 20.24.195.139 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 20.24.195.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 14:50:35.471848 2026] [security2:error] [pid 1705:tid 1705] [client 20.24.195.139:3043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caribbeantanz.postermodelsworldwideinc.com"] [uri "/wp-config.php"] [unique_id "ak1KewXA5dZqof1K5UGGfAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-07 18:41:13
(6 days ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 20.24.195.139 (HK/Hong Kong/-): 1 in ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 20.24.195.139 (HK/Hong Kong/-): 1 in the last 3600 secs (0-195)
show less
Hacking
Anonymous
2026-07-07 18:40:57
(6 days ago)
Banned by Fail2Ban on server
Web App Attack
Anonymous
2026-07-07 18:34:29
(6 days ago)
20.24.195.139 - - [07/Jul/2026:20:34:01 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ...
show more
20.24.195.139 - - [07/Jul/2026:20:34:01 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 490 "-" "-"
20.24.195.139 - - [07/Jul/2026:20:34:01 +0200] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 490 "-" "-"
20.24.195.139 - - [07/Jul/2026:20:34:01 +0200] "GET /index.php/wp-includes/PHPMailer/ HTTP/1.1" 404 490 "-" "-"
20.24.195.139 - - [07/Jul/2026:20:34:01 +0200] "GET /wk/index.php HTTP/1.1" 404 490 "-" "-"
20.24.195.139 - - [07/Jul/2026:20:34:01 +0200] "GET /function/function.php HTTP/1.1" 404 490 "-" "-"
20.24.195.139 - - [07/Jul/2026:20:34:02 +0200] "GET /wp-content/uploads/index.php HTTP/1.1" 404 490 "-" "-"
20.24.195.139 - - [07/Jul/2026:20:34:02 +0200] "GET /themes.php HTTP/1.1" 404 490 "-" "-"
20.24.195.139 - - [07/Jul/2026:20:34:05 +0200] "GET /randkeyword.PhP7 HTTP/1.1" 404 490 "-" "-"
20.24.195.139 - - [07/Jul/2026:20:34:05 +0200] "GET /ws.php HTTP/1.1" 404 490 "-" "-"
20.24.195.139 - - [07/Jul/2026:20:34:06 +0200] "GET /wp-conf.php HTTP/1.1" 404
...
show less
DDoS Attack
Anonymous
2026-07-07 18:34:20
(6 days ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-07 18:32:46
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 20.24.195.139 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 20.24.195.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 14:32:40.366945 2026] [security2:error] [pid 8780:tid 8780] [client 20.24.195.139:13345] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fastquizmaker.com.creartest.com"] [uri "/wp-config.php"] [unique_id "ak1GSIAiEVsOU9jQO02-6AAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฟ
Antinson
2026-07-07 18:32:44
(6 days ago)
Scraping with a high error ratio and request rate
Bad Web Bot
๐ฑ๐ป
garmtech.com
2026-07-07 18:25:57
(6 days ago)
Attempted access to sensitive endpoint (/wp-content/plugins/hellopress/wp_filemanager.php) detected. ...
show more
Attempted access to sensitive endpoint (/wp-content/plugins/hellopress/wp_filemanager.php) detected. Automated scan or unauthorized probing.
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 18:14:17
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 20.24.195.139 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 20.24.195.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 14:14:10.725210 2026] [security2:error] [pid 3517:tid 3599] [client 20.24.195.139:3709] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.kandooo.com"] [uri "/wp-config.php"] [unique_id "ak1B8mF67--Lerg1X_giiwAAARM"]
show less
Brute-Force
Bad Web Bot
Web App Attack