๐น๐ท
rtbh.com.tr
2026-03-04 20:11:53
(4 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐บ๐ธ
bazter.pro
2026-03-02 22:59:38
(4 months ago)
Auto-Ban [2026-03-03 00:59:22]: CRITICAL: Sensitive files (25); DC: Microsoft Corporation [Paths: 52 ...
show more
Auto-Ban [2026-03-03 00:59:22]: CRITICAL: Sensitive files (25); DC: Microsoft Corporation [Paths: 52] | Details: Sensitive files/paths: /xmlrpc.php, /admin.php, /wp-admin/images/, /wp-content/admin.php, /adminfuns.php | 404 errors (78): /about.php, /wp-content/uploads/index.php, /wp-includes/Requests/src/Response/about.php, /defaults.php, /sf.php, /classwithtostring.php, /wk/index.php, /abcd.php, /wp-conf.php, /wp-content/themes/hideo/network.php (and 26 more) | 403 errors (28): /wp-includes/, /wp-includes/html-api/, /wp-includes/images/, /wp-admin/images/, /.well-known/, /wp-admin/css/colors/ectoplasm/, /wp-content/uploads/, /wp-includes/PHPMailer/ | Other paths: /uploads/, /wp-content/plugins/WordPressCore/, /wp-login.php, /wp-content/plugins/index.php, /cgi-bin/, /wp-admin/user/index.php, /wp-content/themes/index.php, /xmlrpc.php
show less
Web App Attack
Hacking
๐ซ๐ฎ
kumiko
2026-02-28 22:00:27
(4 months ago)
[2026-03-01 00:00:04] Persistent attack/probing over several days.
Port Scan
Brute-Force
Bad Web Bot
๐ธ๐ฌ
fazar
2026-02-28 16:00:03
(4 months ago)
wp-login-scan: 3 attempts from 52.141.18.191 on node: sgp01
Exploited Host
Web App Attack
๐น๐ท
rtbh.com.tr
2026-02-26 20:11:46
(4 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐ซ๐ฎ
bittiguru.fi
2026-02-24 21:00:09
(4 months ago)
WordPress brute force
Brute-Force
๐น๐ท
rtbh.com.tr
2026-02-24 20:11:44
(4 months ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
๐ฎ๐น
mgarofano80
2026-02-24 18:32:52
(4 months ago)
Brute-Force
Web App Attack
๐บ๐ธ
myagent.site
2026-02-24 17:27:17
(4 months ago)
Blocking for trying to access an exploit file: /wp-class.php
Hacking
๐ซ๐ฎ
Christopher Hughes
2026-02-24 17:05:52
(4 months ago)
[Tue Feb 24 17:05:50.640715 2026] [proxy_fcgi:error] [pid 427517:tid 139768092419648] [client 52.141 ...
show more
[Tue Feb 24 17:05:50.640715 2026] [proxy_fcgi:error] [pid 427517:tid 139768092419648] [client 52.141.18.191:10206] AH01071: Got error 'Primary script unknown'
[Tue Feb 24 17:05:50.885171 2026] [proxy_fcgi:error] [pid 427517:tid 139768075634240] [client 52.141.18.191:10206] AH01071: Got error 'Primary script unknown'
[Tue Feb 24 17:05:51.134691 2026] [proxy_fcgi:error] [pid 427517:tid 139766985107008] [client 52.141.18.191:10206] AH01071: Got error 'Primary script unknown'
[Tue Feb 24 17:05:51.390472 2026] [proxy_fcgi:error] [pid 427517:tid 139768315668032] [client 52.141.18.191:10206] AH01071: Got error 'Primary script unknown'
[Tue Feb 24 17:05:51.653307 2026] [proxy_fcgi:error] [pid 427517:tid 139768332453440] [client 52.141.18.191:10206] AH01071: Got error 'Primary script unknown'
...
show less
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-02-24 15:08:48
(4 months ago)
(upload_shell) srv103 Shell upload 52.141.18.191 (KR/South Korea/-): 1 in the last 3600 secs; Ports: ...
show more
(upload_shell) srv103 Shell upload 52.141.18.191 (KR/South Korea/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐ซ๐ฎ
Christopher Hughes
2026-02-24 14:54:25
(4 months ago)
[Tue Feb 24 14:54:23.185168 2026] [proxy_fcgi:error] [pid 427517:tid 139768324060736] [client 52.141 ...
show more
[Tue Feb 24 14:54:23.185168 2026] [proxy_fcgi:error] [pid 427517:tid 139768324060736] [client 52.141.18.191:8065] AH01071: Got error 'Primary script unknown'
[Tue Feb 24 14:54:23.442528 2026] [proxy_fcgi:error] [pid 427517:tid 139767958201920] [client 52.141.18.191:8065] AH01071: Got error 'Primary script unknown'
[Tue Feb 24 14:54:23.984261 2026] [proxy_fcgi:error] [pid 427517:tid 139767949809216] [client 52.141.18.191:8065] AH01071: Got error 'Primary script unknown'
[Tue Feb 24 14:54:24.241433 2026] [proxy_fcgi:error] [pid 427517:tid 139768092419648] [client 52.141.18.191:8065] AH01071: Got error 'Primary script unknown'
[Tue Feb 24 14:54:24.755145 2026] [proxy_fcgi:error] [pid 427517:tid 139767916238400] [client 52.141.18.191:8065] AH01071: Got error 'Primary script unknown'
...
show less
Web App Attack
๐ฆ๐น
penguin-solutions.at
2026-02-24 14:37:28
(4 months ago)
Excessive 403/404 errors
...
Brute-Force
Web App Attack
๐ช๐ธ
el-brujo
2026-02-24 14:30:47
(4 months ago)
Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: hwagm.elhacker.net userAgent: Mozill ...
show more
Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: hwagm.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Action: managed_challenge Source: firewallManaged ASN Description: MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation Country: KR Method: GET Timestamp: 2026-02-24T14:30:47Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB).
show less
Hacking
SQL Injection
Web App Attack
๐ฉ๐ช
Dennis
2026-02-24 14:02:45
(4 months ago)
52.141.18.191 has been banned for triggering http-probing (11 events over 2.326033069s).
Brute-Force
Web App Attack