๐ง๐ท
Peregrine
2026-07-09 03:10:17
(23 hours ago)
Fail2Ban Jail: tomcat-honeypot | Evidence: 20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:05 -0 ...
show more
Fail2Ban Jail: tomcat-honeypot | Evidence: 20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:05 -0300] "GET /wk/index.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.83 - - [05/Jul/2026:12:00:05 -0300] "GET /inputs.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.83 - - [05/Jul/2026:12:00:06 -0300] "GET /ioxi-o.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:06 -0300] "GET /function/function.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:06 -0300] "GET /rip.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:06 -0300] "GET /admin.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:07 -0300] "GET /wp-content/uploads/index.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:07 -0300] "GET /cache.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:07 -0300] "GET /themes.php HTTP/1.1" 404 414
show less
Bad Web Bot
๐ง๐ท
Peregrine
2026-07-08 03:09:52
(1 day ago)
Fail2Ban Jail: tomcat-honeypot | Evidence: 20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:05 -0 ...
show more
Fail2Ban Jail: tomcat-honeypot | Evidence: 20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:05 -0300] "GET /wk/index.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.83 - - [05/Jul/2026:12:00:05 -0300] "GET /inputs.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.83 - - [05/Jul/2026:12:00:06 -0300] "GET /ioxi-o.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:06 -0300] "GET /function/function.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:06 -0300] "GET /rip.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:06 -0300] "GET /admin.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:07 -0300] "GET /wp-content/uploads/index.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:07 -0300] "GET /cache.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:07 -0300] "GET /themes.php HTTP/1.1" 404 414
show less
Bad Web Bot
๐ง๐ท
Peregrine
2026-07-07 03:09:43
(2 days ago)
Fail2Ban Jail: tomcat-honeypot | Evidence: 20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:05 -0 ...
show more
Fail2Ban Jail: tomcat-honeypot | Evidence: 20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:05 -0300] "GET /wk/index.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.83 - - [05/Jul/2026:12:00:05 -0300] "GET /inputs.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.83 - - [05/Jul/2026:12:00:06 -0300] "GET /ioxi-o.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:06 -0300] "GET /function/function.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:06 -0300] "GET /rip.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:06 -0300] "GET /admin.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:07 -0300] "GET /wp-content/uploads/index.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:07 -0300] "GET /cache.php HTTP/1.1" 404 414
20.89.57.196 162.159.108.147 - - [05/Jul/2026:12:00:07 -0300] "GET /themes.php HTTP/1.1" 404 414
show less
Bad Web Bot
๐ซ๐ท
Catalin Negru
2026-07-06 19:03:48
(3 days ago)
Recidive ban by fail2ban on server.blackbit.ro
Brute-Force
๐ณ๐ฑ
Site.eu
2026-07-06 16:14:31
(3 days ago)
Excessive multi-domain requests
Brute-Force
Anonymous
2026-07-06 14:07:37
(3 days ago)
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: JP, Attack patterns: Word ...
show more
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: JP, Attack patterns: WordPress scanning
show less
Bad Web Bot
Web App Attack
๐ซ๐ฎ
Christopher Hughes
2026-07-06 07:55:17
(3 days ago)
[Mon Jul 06 08:55:15.758468 2026] [proxy_fcgi:error] [pid 1538450:tid 139822750684736] [client 20.89 ...
show more
[Mon Jul 06 08:55:15.758468 2026] [proxy_fcgi:error] [pid 1538450:tid 139822750684736] [client 20.89.57.196:2348] AH01071: Got error 'Primary script unknown'
[Mon Jul 06 08:55:16.032555 2026] [proxy_fcgi:error] [pid 1538450:tid 139822123447872] [client 20.89.57.196:2348] AH01071: Got error 'Primary script unknown'
[Mon Jul 06 08:55:16.307786 2026] [proxy_fcgi:error] [pid 1538450:tid 139822089877056] [client 20.89.57.196:2348] AH01071: Got error 'Primary script unknown'
[Mon Jul 06 08:55:16.583164 2026] [proxy_fcgi:error] [pid 1538450:tid 139822115055168] [client 20.89.57.196:2348] AH01071: Got error 'Primary script unknown'
[Mon Jul 06 08:55:16.858578 2026] [proxy_fcgi:error] [pid 1538450:tid 139822759077440] [client 20.89.57.196:2348] AH01071: Got error 'Primary script unknown'
...
show less
Web App Attack
๐ซ๐ฎ
Christopher Hughes
2026-07-06 07:35:52
(3 days ago)
[Mon Jul 06 08:35:50.950396 2026] [proxy_fcgi:error] [pid 1538450:tid 139822792648256] [client 20.89 ...
show more
[Mon Jul 06 08:35:50.950396 2026] [proxy_fcgi:error] [pid 1538450:tid 139822792648256] [client 20.89.57.196:11048] AH01071: Got error 'Primary script unknown'
[Mon Jul 06 08:35:51.216784 2026] [proxy_fcgi:error] [pid 1538450:tid 139822784255552] [client 20.89.57.196:11048] AH01071: Got error 'Primary script unknown'
[Mon Jul 06 08:35:51.482101 2026] [proxy_fcgi:error] [pid 1538450:tid 139822115055168] [client 20.89.57.196:11048] AH01071: Got error 'Primary script unknown'
[Mon Jul 06 08:35:51.748528 2026] [proxy_fcgi:error] [pid 1538450:tid 139822215702080] [client 20.89.57.196:11048] AH01071: Got error 'Primary script unknown'
[Mon Jul 06 08:35:52.013723 2026] [proxy_fcgi:error] [pid 1538450:tid 139822098269760] [client 20.89.57.196:11048] AH01071: Got error 'Primary script unknown'
...
show less
Web App Attack
Anonymous
2026-07-06 07:28:59
(3 days ago)
20.89.57.196 - - [06/Jul/2026:04:28:56 -0300] "GET //wp-content/plugins/fix/up.php HTTP/1.1" 301 162 ...
show more
20.89.57.196 - - [06/Jul/2026:04:28:56 -0300] "GET //wp-content/plugins/fix/up.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36"
20.89.57.196 - - [06/Jul/2026:04:28:57 -0300] "GET //wp-content/plugins/fix/up.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36"
20.89.57.196 - - [06/Jul/2026:04:28:58 -0300] "GET //wp-content/plugins/fix/up.php HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36"
...
show less
Port Scan
๐บ๐ธ
chronos
2026-07-06 06:52:17
(3 days ago)
[AUTORAVALT][[06/07/2026 - 03:52:17 -03:00 UTC]
Attack from [Microsoft Corporation]
[20.89.57.196] A ...
show more
[AUTORAVALT][[06/07/2026 - 03:52:17 -03:00 UTC]
Attack from [Microsoft Corporation]
[20.89.57.196] Action: BLocKed
Hacking... Unauthorized attempts to access the server.
Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various other software p]
...
show less
Hacking
Web App Attack
๐ฎ๐ฉ
zam
2026-07-06 06:38:32
(3 days ago)
20.89.57.196 - - [06/Jul/2026:06:38:27 +0000] "GET /wp-admin/alfa.php HTTP/1.1" 302 278
Web App Attack
๐บ๐ธ
Mundo Bueno
2026-07-06 06:35:18
(3 days ago)
[ISILIA Protection v2.1] Tentative d'accรจs: /info.php | Pays: JP | UA: Mozilla/5.0 (Windows NT 10.0; ...
show more
[ISILIA Protection v2.1] Tentative d'accรจs: /info.php | Pays: JP | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Sa
show less
Hacking
Web App Attack
๐บ๐ธ
chronos
2026-07-06 06:17:09
(3 days ago)
[AUTORAVALT][[06/07/2026 - 03:17:09 -03:00 UTC]
Attack from [Microsoft Corporation]
[20.89.57.196] A ...
show more
[AUTORAVALT][[06/07/2026 - 03:17:09 -03:00 UTC]
Attack from [Microsoft Corporation]
[20.89.57.196] Action: BLocKed
Hacking... Unauthorized attempts to access the server.
Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various other software p]
...
show less
Hacking
Web App Attack
๐ฑ๐ป
garmtech.com
2026-07-06 06:16:23
(3 days ago)
Attempted access to sensitive endpoint (/wp-content/admin.php) detected. Automated scan or unauthori ...
show more
Attempted access to sensitive endpoint (/wp-content/admin.php) detected. Automated scan or unauthorized probing.
show less
Web App Attack
๐ฆ๐บ
2000cn.com.au
2026-07-06 05:50:57
(3 days ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-admin-interface-probing
Web App Attack
Hacking