๐ฉ๐ช
patrisei
2026-07-14 21:28:28
(7 seconds ago)
You are now banned for 10 years by Schiffdorf-West Patrol. Trigger: crowdsecurity/http-probing
Port Scan
Web App Attack
๐ซ๐ท
francoisunix
2026-07-14 21:26:45
(1 minute ago)
20.48.236.161 - - [14/Jul/2026:21:26:41 +0000] "GET /wp-content/uploads/ HTTP/1.0" 403 146 "-" "-"
2 ...
show more
20.48.236.161 - - [14/Jul/2026:21:26:41 +0000] "GET /wp-content/uploads/ HTTP/1.0" 403 146 "-" "-"
20.48.236.161 - - [14/Jul/2026:21:26:41 +0000] "GET /wp-includes/Text/ HTTP/1.0" 403 146 "-" "-"
20.48.236.161 - - [14/Jul/2026:21:26:42 +0000] "GET /wp-includes/assets/ HTTP/1.0" 403 146 "-" "-"
20.48.236.161 - - [14/Jul/2026:21:26:43 +0000] "GET /wp-includes/blocks/details/ HTTP/1.0" 403 146 "-" "-"
20.48.236.161 - - [14/Jul/2026:21:26:44 +0000] "GET /wp-includes/blocks/post-comments-form/ HTTP/1.0" 403 146 "-" "-"
...
show less
Web App Attack
๐ซ๐ท
largo-it.net
2026-07-14 21:21:45
(6 minutes ago)
Jul 14 23:21:41 vps-9f3cdc33 haproxy[764400]: 20.48.236.161:63321 [14/Jul/2026:23:21:41.748] www_fro ...
show more
Jul 14 23:21:41 vps-9f3cdc33 haproxy[764400]: 20.48.236.161:63321 [14/Jul/2026:23:21:41.748] www_frontend~ sav_largo_cluster/sav_https 0/0/11/91/102 404 7523 - - ---- 52/4/0/0/0 0/0 "GET /3PJcpMFsD8B.php HTTP/1.1"
Jul 14 23:21:42 vps-9f3cdc33 haproxy[764400]: 20.48.236.161:63321 [14/Jul/2026:23:21:42.060] www_frontend~ sav_largo_cluster/sav_https 0/0/11/100/111 404 7517 - - ---- 52/4/0/0/0 0/0 "GET /dvjul.php HTTP/1.1"
Jul 14 23:21:42 vps-9f3cdc33 haproxy[764400]: 20.48.236.161:63321 [14/Jul/2026:23:21:42.398] www_frontend~ sav_largo_cluster/sav_https 0/0/11/122/133 404 7519 - - ---- 52/4/0/0/0 0/0 "GET /biufile.php HTTP/1.1"
Jul 14 23:21:43 vps-9f3cdc33 haproxy[764400]: 20.48.236.161:63321 [14/Jul/2026:23:21:43.052] www_frontend~ sav_largo_cluster/sav_https 0/0/11/86/97 404 7521 - - ---- 52/4/0/0/0 0/0 "GET /coffexium.php HTTP/1.1"
Jul 14 23:21:43 vps-9f3cdc33 haproxy[764400]: 20.48.236.161:63321 [14/Jul/2026:23:21:43.403] www_frontend~ sav_largo_cluster/sav_https 0/0/11/118/129 404 7
...
show less
Hacking
Bad Web Bot
Web App Attack
Anonymous
2026-07-14 21:21:42
(6 minutes ago)
XSS Attempt
Hacking
๐ณ๐ฑ
oisecnet
2026-07-14 21:02:26
(26 minutes ago)
Automated report: Unauthorized vulnerability scanning detected on 2026-07-14. 6 requests from this I ...
show more
Automated report: Unauthorized vulnerability scanning detected on 2026-07-14. 6 requests from this IP.
show less
Brute-Force
Web App Attack
SSH
๐ซ๐ท
largo-it.net
2026-07-14 21:01:30
(27 minutes ago)
Jul 14 23:01:27 vps-9f3cdc33 haproxy[764400]: 20.48.236.161:57659 [14/Jul/2026:23:01:27.402] www_fro ...
show more
Jul 14 23:01:27 vps-9f3cdc33 haproxy[764400]: 20.48.236.161:57659 [14/Jul/2026:23:01:27.402] www_frontend~ sav_largo_cluster/sav_https 0/0/11/169/180 404 7519 - - ---- 56/6/0/0/0 0/0 "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1"
Jul 14 23:01:27 vps-9f3cdc33 haproxy[764400]: 20.48.236.161:57659 [14/Jul/2026:23:01:27.782] www_frontend~ sav_largo_cluster/sav_https 0/0/11/118/129 404 7537 - - ---- 56/6/0/0/0 0/0 "GET /this_is_a_new_hello_world.php HTTP/1.1"
Jul 14 23:01:28 vps-9f3cdc33 haproxy[764400]: 20.48.236.161:57659 [14/Jul/2026:23:01:28.109] www_frontend~ sav_largo_cluster/sav_https 0/0/10/77/87 404 7516 - - ---- 56/6/0/0/0 0/0 "GET /waso.php HTTP/1.1"
Jul 14 23:01:28 vps-9f3cdc33 haproxy[764400]: 20.48.236.161:57659 [14/Jul/2026:23:01:28.394] www_frontend~ sav_largo_cluster/sav_https 0/0/11/74/85 404 7514 - - ---- 56/6/0/0/0 0/0 "GET /82.php HTTP/1.1"
Jul 14 23:01:29 vps-9f3cdc33 haproxy[764400]: 20.48.236.161:57659 [14/Jul/2026:23:01:28.903] www_frontend~ sav_la
...
show less
Hacking
Bad Web Bot
Web App Attack
๐ง๐ท
dominioz
2026-07-14 20:58:33
(30 minutes ago)
2026-07-14 20:57:45 GET /wp-content/plugins/hellopress/wp_filemanager.php - - 20.48.236.161 HTTP/1.1 ...
show more
2026-07-14 20:57:45 GET /wp-content/plugins/hellopress/wp_filemanager.php - - 20.48.236.161 HTTP/1.1 - - 404 104995
2026-07-14 20:57:46 GET /this_is_a_new_hello_world.php - - 20.48.236.161 HTTP/1.1 - - 404 104995
2026-07-14 20:57:48 GET /waso.php - - 20.48.236.161 HTTP/1.1 - - 404 104995
2026-07-14 20:57:48 GET /82.php - - 20.48.236.161 HTTP/1.1 - - 404 104995
...
show less
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-14 20:53:06
(35 minutes ago)
stkildashule.org.au:443 20.48.236.161 - - [15/Jul/2026:06:53:04 +1000] "GET /admin.php HTTP/1.1" 404 ...
show more
stkildashule.org.au:443 20.48.236.161 - - [15/Jul/2026:06:53:04 +1000] "GET /admin.php HTTP/1.1" 404 46448 "-" "-"
...
show less
Web App Attack
๐ฉ๐ช
auridh
2026-07-14 20:50:10
(38 minutes ago)
Ip 20.48.236.161 performed 'crowdsecurity/http-wordpress-scan' (5 events over 16.366091287s) at 2026 ...
show more
Ip 20.48.236.161 performed 'crowdsecurity/http-wordpress-scan' (5 events over 16.366091287s) at 2026-07-14 19:04:52.017198735 +0000 UTC
show less
Web App Attack
๐ฉ๐ช
hchristo
2026-07-14 20:17:08
(1 hour ago)
[Tue Jul 14 22:17:07.663655 2026] [proxy_fcgi:error] [pid 10131:tid 10194] [client 20.48.236.161:575 ...
show more
[Tue Jul 14 22:17:07.663655 2026] [proxy_fcgi:error] [pid 10131:tid 10194] [client 20.48.236.161:57503] AH01071: Got error 'Primary script unknown'
[Tue Jul 14 22:17:07.872129 2026] [proxy_fcgi:error] [pid 10131:tid 10231] [client 20.48.236.161:57503] AH01071: Got error 'Primary script unknown'
[Tue Jul 14 22:17:08.078795 2026] [proxy_fcgi:error] [pid 10131:tid 10216] [client 20.48.236.161:57503] AH01071: Got error 'Primary script unknown'
[Tue Jul 14 22:17:08.283822 2026] [proxy_fcgi:error] [pid 10131:tid 10232] [client 20.48.236.161:57503] AH01071: Got error 'Primary script unknown'
[Tue Jul 14 22:17:08.491755 2026] [proxy_fcgi:error] [pid 10131:tid 10215] [client 20.48.236.161:57503] AH01071: Got error 'Primary script unknown'
...
show less
Brute-Force
๐บ๐ธ
jkcunningham
2026-07-14 20:13:53
(1 hour ago)
Vulnerability scanner. Scans for wordpress filesystem, targets web-application filesystem, targets o ...
show more
Vulnerability scanner. Scans for wordpress filesystem, targets web-application filesystem, targets os and filesystem.
show less
Web App Attack
Bad Web Bot
Port Scan
๐บ๐ธ
drewking
2026-07-14 20:04:39
(1 hour ago)
154 malicious / suspicious requests. Ports: 403 /wp-content/plugins/hellopress/wp_filemanager.php, 4 ...
show more
154 malicious / suspicious requests. Ports: 403 /wp-content/plugins/hellopress/wp_filemanager.php, 403 /this_is_a_new_hello_world.php, 403 /waso.php, 403 /82.php, 403 /admin.php.
show less
Web App Attack
Hacking
๐ฉ๐ช
tikket
2026-07-14 19:57:27
(1 hour ago)
Automated honeypot report: fail2ban 'caddy-honeypot' ban. Source probed honeypot/recon endpoints on ...
show more
Automated honeypot report: fail2ban 'caddy-honeypot' ban. Source probed honeypot/recon endpoints on void.xn--q9jyb4c.
show less
Bad Web Bot
Web App Attack
๐ง๐ท
dominioz
2026-07-14 19:56:52
(1 hour ago)
2026-07-14 19:56:42 GET /wp-content/plugins/hellopress/wp_filemanager.php - - 20.48.236.161 HTTP/1.1 ...
show more
2026-07-14 19:56:42 GET /wp-content/plugins/hellopress/wp_filemanager.php - - 20.48.236.161 HTTP/1.1 - - 404 1440
2026-07-14 19:56:42 GET /this_is_a_new_hello_world.php - - 20.48.236.161 HTTP/1.1 - - 404 1440
2026-07-14 19:56:42 GET /waso.php - - 20.48.236.161 HTTP/1.1 - - 404 1440
2026-07-14 19:56:42 GET /82.php - - 20.48.236.161 HTTP/1.1 - - 404 1440
...
show less
Web App Attack
๐ต๐ฑ
strefapi_com
2026-07-14 19:52:08
(1 hour ago)
Brute-force, web
...
Hacking
Brute-Force
Web App Attack