π§πͺ
Ivo Vynckier
2026-06-29 15:10:00
(2 hours ago)
52.141.56.159 - - [28/Jun/2026:21:10:04 +0200] "GET /inputs.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (W ...
show more
52.141.56.159 - - [28/Jun/2026:21:10:04 +0200] "GET /inputs.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
52.141.56.159 - - [28/Jun/2026:21:10:04 +0200] "GET /ioxi-o.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
52.141.56.159 - - [28/Jun/2026:21:10:05 +0200] "GET /function/function.php HTTP/1.1" 404 2155 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
show less
Web App Attack
Anonymous
2026-06-29 14:03:22
(3 hours ago)
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: KR, Attack patterns: Word ...
show more
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: KR, Attack patterns: WordPress scanning
show less
Bad Web Bot
Web App Attack
π¬π§
openstrike.co.uk
2026-06-29 05:14:26
(12 hours ago)
216 attacks on PHP URLs:
GET /wp-content/plugins/index.php HTTP/1.1
Web App Attack
π²π½
octageeks.com
2026-06-29 04:12:17
(13 hours ago)
Wordpress malicious attack:[octaflood]
Web App Attack
Anonymous
2026-06-28 22:05:04
(19 hours ago)
Unknown PHP script access detected by Fail2Ban
Web App Attack
Anonymous
2026-06-28 21:22:05
(20 hours ago)
52.141.56.159 - - [28/Jun/2026:23:22:00 +0200] "GET /inputs.php HTTP/1.1" 404 5615
52.141.56.159 - - ...
show more
52.141.56.159 - - [28/Jun/2026:23:22:00 +0200] "GET /inputs.php HTTP/1.1" 404 5615
52.141.56.159 - - [28/Jun/2026:23:22:01 +0200] "GET /ioxi-o.php HTTP/1.1" 404 5615
52.141.56.159 - - [28/Jun/2026:23:22:01 +0200] "GET /function/function.php HTTP/1.1" 404 578
52.141.56.159 - - [28/Jun/2026:23:22:02 +0200] "GET /rip.php HTTP/1.1" 404 578
52.141.56.159 - - [28/Jun/2026:23:22:02 +0200] "GET /admin.php HTTP/1.1" 404 578
52.141.56.159 - - [28/Jun/2026:23:22:02 +0200] "GET /wp-content/uploads/index.php HTTP/1.1" 404 578
52.141.56.159 - - [28/Jun/2026:23:22:02 +0200] "GET /cache.php HTTP/1.1" 404 578
52.141.56.159 - - [28/Jun/2026:23:22:03 +0200] "GET /themes.php HTTP/1.1" 404 578
52.141.56.159 - - [28/Jun/2026:23:22:03 +0200] "GET /an.php HTTP/1.1" 404 578
52.141.56.159 - - [28/Jun/2026:23:22:03 +0200] "GET /index/function.php HTTP/1.1" 404 578
...
show less
Web Spam
Web App Attack
π«π·
bazter.pro
2026-06-28 21:01:05
(20 hours ago)
Fail2Ban: plesk-bot-aggressive - 15 failures
Port Scan
Bad Web Bot
Web App Attack
π³π΄
doofy
2026-06-28 20:54:30
(20 hours ago)
[Sun Jun 28 22:53:56.403764 2026] [access_compat:error] [pid 2769409:tid 2769498] [client 52.141.56. ...
show more
[Sun Jun 28 22:53:56.403764 2026] [access_compat:error] [pid 2769409:tid 2769498] [client 52.141.56.159:15887] AH01797: client denied by server configuration: /www/famjohnsen.no/wp-content/uploads/index.php
[Sun Jun 28 22:54:28.634108 2026] [access_compat:error] [pid 2769409:tid 2769507] [client 52.141.56.159:15887] AH01797: client denied by server configuration: /www/famjohnsen.no/wp-content/uploads/index.php
[Sun Jun 28 22:54:28.900328 2026] [access_compat:error] [pid 2769409:tid 2769508] [client 52.141.56.159:15887] AH01797: client denied by server configuration: /www/famjohnsen.no/wp-content/themes/admin.php
[Sun Jun 28 22:54:29.160877 2026] [access_compat:error] [pid 2769409:tid 2769499] [client 52.141.56.159:15887] AH01797: client denied by server configuration: /www/famjohnsen.no/wp-content/themes/index.php
[Sun Jun 28 22:54:29.417209 2026] [access_compat:error] [pid 2769409:tid 2769493] [client 52.141.56.159:15887] AH01797: client denied by server configuration: /www/famjohnsen
...
show less
Brute-Force
Web App Attack
π©πͺ
Prodscape
2026-06-28 20:48:33
(20 hours ago)
(WPLOGIN) WP Login Attack 52.141.56.159 (KR/South Korea/-): 5 in the last 86400 secs; Ports: *; Dire ...
show more
(WPLOGIN) WP Login Attack 52.141.56.159 (KR/South Korea/-): 5 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER
show less
Port Scan
Anonymous
2026-06-28 20:43:36
(20 hours ago)
GET /inputs.php HTTP/1.1
GET /inputs.php HTTP/1.1
GET /inputs.php HTTP/1.1
Bad Web Bot
Web App Attack
Anonymous
2026-06-28 20:40:36
(21 hours ago)
52.141.56.159 - - [28/Jun/2026:22:40:11 +0200] "GET /inputs.php HTTP/1.1" 404 32660
52.141.56.159 - ...
show more
52.141.56.159 - - [28/Jun/2026:22:40:11 +0200] "GET /inputs.php HTTP/1.1" 404 32660
52.141.56.159 - - [28/Jun/2026:22:40:13 +0200] "GET /ioxi-o.php HTTP/1.1" 404 29048
52.141.56.159 - - [28/Jun/2026:22:40:15 +0200] "GET /function/function.php HTTP/1.1" 404 29047
52.141.56.159 - - [28/Jun/2026:22:40:18 +0200] "GET /rip.php HTTP/1.1" 404 29047
52.141.56.159 - - [28/Jun/2026:22:40:20 +0200] "GET /admin.php HTTP/1.1" 404 29047
52.141.56.159 - - [28/Jun/2026:22:40:23 +0200] "GET /cache.php HTTP/1.1" 404 29046
52.141.56.159 - - [28/Jun/2026:22:40:25 +0200] "GET /themes.php HTTP/1.1" 404 29046
52.141.56.159 - - [28/Jun/2026:22:40:27 +0200] "GET /an.php HTTP/1.1" 404 29048
52.141.56.159 - - [28/Jun/2026:22:40:30 +0200] "GET /index/function.php HTTP/1.1" 404 29046
52.141.56.159 - - [28/Jun/2026:22:40:32 +0200] "GET /randkeyword.PhP7 HTTP/1.1" 404 30397
...
show less
Web Spam
Web App Attack
π³π±
CryptoYakari
2026-06-28 20:39:04
(21 hours ago)
52.141.56.159 - - [28/Jun/2026:23:38:58 +0300] "GET /inputs.php HTTP/1.0" 404 4097 "-" "Mozilla/5.0 ...
show more
52.141.56.159 - - [28/Jun/2026:23:38:58 +0300] "GET /inputs.php HTTP/1.0" 404 4097 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
52.141.56.159 - - [28/Jun/2026:23:38:59 +0300] "GET /ioxi-o.php HTTP/1.0" 404 531 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
52.141.56.159 - - [28/Jun/2026:23:38:59 +0300] "GET /function/function.php HTTP/1.0" 404 3515 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
52.141.56.159 - - [28/Jun/2026:23:38:59 +0300] "GET /rip.php HTTP/1.0" 404 531 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
52.141.56.159 - - [28/Jun/2026:23:39:00 +0300] "GET /admin.php HTTP/1.0" 404 531 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari
...
show less
Web Spam
Blog Spam
Web App Attack
Bad Web Bot
π©πͺ
pscriptos
2026-06-28 20:35:03
(21 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/appsec-vpatch
Web App Attack
π¬π§
Mendip_Defender
2026-06-28 20:33:22
(21 hours ago)
52.141.56.159 - - [28/Jun/2026:21:33:13 +0100] "GET /.trash7206/index.php HTTP/1.1" 404 4985 "-" "Mo ...
show more
52.141.56.159 - - [28/Jun/2026:21:33:13 +0100] "GET /.trash7206/index.php HTTP/1.1" 404 4985 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
52.141.56.159 - - [28/Jun/2026:21:33:14 +0100] "GET /.well-known/logs233/index.php?p= HTTP/1.1" 404 4985 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
52.141.56.159 - - [28/Jun/2026:21:33:14 +0100] "GET /wp-content/themes/haha.php HTTP/1.1" 404 4985 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Hacking
Web App Attack
π©πͺ
macrob
2026-06-28 20:30:02
(21 hours ago)
2026/06/28 20:29:58 [error] 359958#359958: *336877510 access forbidden by rule, client: 52.141.56.15 ...
show more
2026/06/28 20:29:58 [error] 359958#359958: *336877510 access forbidden by rule, client: 52.141.56.159, server: binixo.com.ua, request: "GET /admin.php HTTP/1.1", host: "binixo.com.ua"
2026/06/28 20:29:58 [error] 359958#359958: *336877510 access forbidden by rule, client: 52.141.56.159, server: binixo.com.ua, request: "GET /wp-content/uploads/index.php HTTP/1.1", host: "binixo.com.ua"
2026/06/28 20:30:00 [error] 359958#359958: *336877510 access forbidden by rule, client: 52.141.56.159, server: binixo.com.ua, request: "GET /wp-admin/user.php HTTP/1.1", host: "binixo.com.ua"
...
show less
Web App Attack