Anonymous
2026-06-30 21:36:59
(10 minutes ago)
Bot detected scanning for vulnerable pages
Port Scan
๐ฉ๐ช
KiekerJan
2026-06-30 21:33:52
(13 minutes ago)
20.78.146.3 - - [30/Jun/2026:23:33:50 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php ...
show more
20.78.146.3 - - [30/Jun/2026:23:33:50 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 162 "-" "-"
20.78.146.3 - - [30/Jun/2026:23:33:51 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 146 "-" "-"
...
show less
Web App Attack
๐บ๐ธ
ambor
2026-06-30 21:31:52
(15 minutes ago)
Attack type: wordpress_attack_attempt | Target: /admin.php | UA: Mozilla/5.0 (Windows NT 10.0; Win64 ...
show more
Attack type: wordpress_attack_attempt | Target: /admin.php | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWeb | Country: JP
show less
Web App Attack
Brute-Force
๐ฉ๐ช
macrob
2026-06-30 21:28:20
(18 minutes ago)
2026/06/30 21:28:12 [error] 720044#720044: *341591115 access forbidden by rule, client: 20.78.146.3, ...
show more
2026/06/30 21:28:12 [error] 720044#720044: *341591115 access forbidden by rule, client: 20.78.146.3, server: fastcredit.net.ua, request: "GET /wp-content/about.php HTTP/2.0", host: "fastcredit.net.ua"
2026/06/30 21:28:13 [error] 720047#720047: *341591154 access forbidden by rule, client: 20.78.146.3, server: fastcredit.net.ua, request: "GET /wp-includes/style-engine/wp-conflg.php HTTP/2.0", host: "fastcredit.net.ua"
2026/06/30 21:28:18 [error] 720048#720048: *341591295 access forbidden by rule, client: 20.78.146.3, server: fastcredit.net.ua, request: "GET /wp-includes/pomo/about.php HTTP/2.0", host: "fastcredit.net.ua"
...
show less
Web App Attack
๐ซ๐ท
ELYAZ
2026-06-30 21:23:46
(23 minutes ago)
(y3) Failed access -byebye- from 20.78.146.3 (JP/Japan/-): (CF_ENABLE)
Hacking
๐บ๐ธ
ruusvuu
2026-06-30 21:21:32
(25 minutes ago)
Automated abuse report: 148 attack/probe requests from Microsoft Corporation / JP.
Targeted paths: / ...
show more
Automated abuse report: 148 attack/probe requests from Microsoft Corporation / JP.
Targeted paths: /wp-content/plugins/hellopress/wp_filemanager.php, /this_is_a_new_hello_world.php, /.well-known/file.php, /settings.php, /file_browser.php.
Sample log lines:
[helpdesk] 6/30/2026 06:45:49 20.78.146.3 GET /access.php 404 149 1.0 ms
[helpdesk] 6/30/2026 06:45:50 20.78.146.3 GET /NewFile.php 404 150 1.7 ms
[helpdesk] 6/30/2026 14:21:32 20.78.146.3 GET /goods.php 404 148 1.2 ms
Detected by an automated web-server log monitor.
show less
Web App Attack
๐ฌ๐ง
Apache
2026-06-30 21:17:17
(29 minutes ago)
(mod_security) mod_security (id:20000010) triggered by 20.78.146.3 (JP/Japan/-): 5 in the last 300 s ...
show more
(mod_security) mod_security (id:20000010) triggered by 20.78.146.3 (JP/Japan/-): 5 in the last 300 secs (CF_ENABLE)
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 21:14:17
(32 minutes ago)
(mod_security) mod_security (id:210492) triggered by 20.78.146.3 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 20.78.146.3 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 17:14:11.935879 2026] [security2:error] [pid 32498:tid 32498] [client 20.78.146.3:60375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teenybikini.com"] [uri "/blog//wp-config.php"] [unique_id "akQxoxNkBKbPPSk6V1F0RAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
MusicLibrary
2026-06-30 21:07:59
(39 minutes ago)
Attempted access to non existent wordpress urls
Bad Web Bot
Anonymous
2026-06-30 21:05:25
(41 minutes ago)
[01/Jul/2026:00:05:24 +0300] 178285352480.423013 20.78.146.3 24806 148.251.76.218 443
[01/Jul/2026:0 ...
show more
[01/Jul/2026:00:05:24 +0300] 178285352480.423013 20.78.146.3 24806 148.251.76.218 443
[01/Jul/2026:00:05:25 +0300] 178285352558.531507 20.78.146.3 11740 148.251.76.218 443
show less
Web App Attack
๐บ๐ธ
helios.live
2026-06-30 20:58:12
(48 minutes ago)
2026/06/30 20:58:11 [error] 2607604#2607604: *378840 FastCGI sent in stderr: "Primary script unknown ...
show more
2026/06/30 20:58:11 [error] 2607604#2607604: *378840 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 20.78.146.3, server: kocerroxy.com, request: "GET /inputs.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php/php8.4-fpm-betakocerroxycom.sock:", host: "kocerroxy.com"
20.78.146.3 - - [30/Jun/2026:20:58:11 +0000] "GET /inputs.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
2026/06/30 20:58:11 [error] 2607604#2607604: *378840 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 20.78.146.3, server: kocerroxy.com, request: "GET /baxa1.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php/php8.4-fpm-betakocerroxycom.sock:", host: "kocerroxy.com"
20.78.146.3 - - [30/Jun/2026:20:58:11 +0000] "GET /baxa1.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, li
...
show less
Web App Attack
๐บ๐ธ
ipblock.com
2026-06-30 20:49:00
(58 minutes ago)
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐ธ๐ฌ
serverutama
2026-06-30 20:47:56
(59 minutes ago)
fail2ban[nginx-scanner]: scanning path sensitif (.git/.env/wp-config/secrets/dll).
Bad Web Bot
Web App Attack
๐ณ๐ด
Abuse Buster
2026-06-30 20:42:33
(1 hour ago)
20.78.146.3 - [30/Jun/2026:22:42:28 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HT ...
show more
20.78.146.3 - [30/Jun/2026:22:42:28 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/2.0" 404 36 "-" "-" Connecting ip: 20.78.146.3 Forwared for: 20.78.146.3
20.78.146.3 - [30/Jun/2026:22:42:29 +0200] "GET /this_is_a_new_hello_world.php HTTP/2.0" 404 36 "-" "-" Connecting ip: 20.78.146.3 Forwared for: 20.78.146.3
20.78.146.3 - [30/Jun/2026:22:42:31 +0200] "GET /settings.php HTTP/2.0" 404 36 "-" "-" Connecting ip: 20.78.146.3 Forwared for: 20.78.146.3
20.78.146.3 - [30/Jun/2026:22:42:32 +0200] "GET /file_browser.php HTTP/2.0" 404 36 "-" "-" Connecting ip: 20.78.146.3 Forwared for: 20.78.146.3
...
show less
Web App Attack
๐บ๐ธ
WeekendWeb
2026-06-30 20:39:21
(1 hour ago)
Wordpress Vunerability attack
Web App Attack