๐บ๐ธ
convos
2026-07-18 00:16:39
(33 minutes ago)
Auto-blocked by IT Solutions USA security proxy after malicious web-shell/backdoor scanning and atta ...
show more
Auto-blocked by IT Solutions USA security proxy after malicious web-shell/backdoor scanning and attack probes. Requests blocked (403).
show less
Web App Attack
Hacking
Bad Web Bot
๐ฉ๐ช
Holger
2026-07-17 18:11:16
(6 hours ago)
Bruteforce WebAttack
Brute-Force
Web App Attack
๐ซ๐ท
mail.avx.gr
2026-07-17 13:23:18
(11 hours ago)
Plesk Fail2Ban jail: Plesk-Web-Exploits. Evidence: avax.francecentral.cloudapp.azure.com:443 51.195. ...
show more
Plesk Fail2Ban jail: Plesk-Web-Exploits. Evidence: avax.francecentral.cloudapp.azure.com:443 51.195.39.148 - - [13/Jul/2026:23:49:35 +0300] "GET /wp-content/plugins/cidaas-pro-master/composer.json HTTP/1.1" 301 4431 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:150.0) Gecko/20100101 Firefox/150.0"
show less
Web App Attack
๐ฉ๐ช
Hugopvigo
2026-07-16 22:01:02
(1 day ago)
"2026-07-16 22:01:02+00:00 51.195.39.148 IP con score alto (100) detectada en el log."
Brute-Force
SSH
๐ฌ๐ง
openstrike.co.uk
2026-07-16 05:14:02
(1 day ago)
33 attacks on PHP URLs:
GET /images/images/cache.php HTTP/1.1
Web App Attack
๐ง๐ท
Peregrine
2026-07-16 03:17:00
(1 day ago)
Fail2Ban Jail: tomcat-honeypot | Evidence: 51.195.39.148 104.23.239.120 - - [14/Jul/2026:19:27:29 -0 ...
show more
Fail2Ban Jail: tomcat-honeypot | Evidence: 51.195.39.148 104.23.239.120 - - [14/Jul/2026:19:27:29 -0300] "GET /ss.php?c_c HTTP/1.1" 404 414
51.195.39.148 172.70.248.133 - - [14/Jul/2026:19:27:29 -0300] "GET /images/images/cache.php HTTP/1.1" 404 414
51.195.39.148 172.68.194.232 - - [14/Jul/2026:19:27:29 -0300] "GET /assets/images/accesson.php HTTP/1.1" 404 414
show less
Bad Web Bot
๐น๐ท
ycoskun41
2026-07-15 23:26:00
(2 days ago)
fail2ban: plesk-modsecurity jail on genckocaeli.com
Web App Attack
๐ซ๐ท
solution.it
2026-07-15 23:23:53
(2 days ago)
[Thu Jul 16 01:23:53.238986 2026] [php7:error] [pid 298523:tid 298523] [client 51.195.39.148:41261] ...
show more
[Thu Jul 16 01:23:53.238986 2026] [php7:error] [pid 298523:tid 298523] [client 51.195.39.148:41261] script '/var/www/html/blog.solution.it/ss.php' not found or unable to stat
show less
Web App Attack
๐ฌ๐ง
consul.to
2026-07-15 22:47:37
(2 days ago)
Web attack/malicious scanning detected
Web App Attack
๐ฆ๐น
nomzamo
2026-07-15 22:35:43
(2 days ago)
Fail2Ban reported: nginx-noscript
Brute-Force
๐ซ๐ท
SpaceHost-Server
2026-07-15 22:30:34
(2 days ago)
Brute-Force
Web App Attack
Anonymous
2026-07-15 20:58:13
(2 days ago)
Automated report (2026-07-15T16:58:13-04:00). Caught probing for webshells/backdoors. Host might be ...
show more
Automated report (2026-07-15T16:58:13-04:00). Caught probing for webshells/backdoors. Host might be compromised. Caught probing for CVE-2025-54068 vulnerability.
show less
Hacking
Exploited Host
Web App Attack
Open Proxy
๐ฎ๐น
sssrit
2026-07-15 20:54:15
(2 days ago)
51.195.39.148 - - [15/Jul/2026:22:54:13 +0200] "GET /images/images/cache.php HTTP/2.0" 404 42768 "-" ...
show more
51.195.39.148 - - [15/Jul/2026:22:54:13 +0200] "GET /images/images/cache.php HTTP/2.0" 404 42768 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐ฎ๐ฉ
sockominfo
2026-07-15 20:00:52
(2 days ago)
Mixed case PHP extension detected (PhP, PhP5, Phtml, etc). Threat Score: 7.9/10 (HIGH). Confidence: ...
show more
Mixed case PHP extension detected (PhP, PhP5, Phtml, etc). Threat Score: 7.9/10 (HIGH). Confidence: 60%. CVSS v3.1: 7.3/10 (High). CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L. Bayesian Probability: 87%. MITRE ATT&CK: T1110 (Brute Force). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS
show less
Hacking
Web App Attack
Anonymous
2026-07-15 19:56:13
(2 days ago)
[Wed Jul 15 21:56:12.002503 2026] [proxy_fcgi:error] [pid 1669:tid 1847] [client 51.195.39.148:22077 ...
show more
[Wed Jul 15 21:56:12.002503 2026] [proxy_fcgi:error] [pid 1669:tid 1847] [client 51.195.39.148:22077] AH01071: Got error 'Primary script unknown'
[Wed Jul 15 21:56:12.005101 2026] [proxy_fcgi:error] [pid 12556:tid 12595] [client 51.195.39.148:22124] AH01071: Got error 'Primary script unknown'
[Wed Jul 15 21:56:12.032523 2026] [proxy_fcgi:error] [pid 1669:tid 1837] [client 51.195.39.148:22254] AH01071: Got error 'Primary script unknown'
...
show less
Brute-Force
Web App Attack