๐ต๐ฑ
Kitki30.com
2026-07-03 19:09:36
(21 minutes ago)
HTTP Probing. Log: 52.59.199.1 - - [03/Jul/2026:19:09:35 +0000] "GET /adminer.php HTTP/1.1" 301 162 ...
show more
HTTP Probing. Log: 52.59.199.1 - - [03/Jul/2026:19:09:35 +0000] "GET /adminer.php HTTP/1.1" 301 162 "https://kitki30.tk/adminer.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ท
setupgr
2026-07-03 19:07:49
(23 minutes ago)
(mod_security) mod_security (id:1000001) triggered by 52.59.199.1 (DE/Germany/Hesse/Frankfurt am Mai ...
show more
(mod_security) mod_security (id:1000001) triggered by 52.59.199.1 (DE/Germany/Hesse/Frankfurt am Main/-/[AS16509 AMAZON-02]): 1 in the last 86400 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Jul 03 22:07:48.054414 2026] [security2:error] [pid 3763573:tid 3763615] [remote 52.59.199.1:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/adminer.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "103"] [id "1000001"] [msg "Bad file blocked: /adminer.php"] [severity "CRITICAL"] [tag "security"] [hostname "santoriniicon.com"] [uri "/adminer.php"] [unique_id "akgIhKZOyGhY_V7YKT02FwAFkgM"]
show less
Port Scan
๐ฉ๐ช
tinect
2026-07-03 19:02:41
(28 minutes ago)
This IP was detected by CrowdSec triggering tinect/http-sensitive-file-probe
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-07-03 19:01:14
(30 minutes ago)
(PERMBLOCK) 52.59.199.1 (DE/Germany/ec2-52-59-199-1.eu-central-1.compute.amazonaws.com) has had more ...
show more
(PERMBLOCK) 52.59.199.1 (DE/Germany/ec2-52-59-199-1.eu-central-1.compute.amazonaws.com) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs:
show less
Port Scan
๐ณ๐ฑ
CryptoYakari
2026-07-03 19:01:12
(30 minutes ago)
[Fri Jul 03 22:01:07.218282 2026] [proxy_fcgi:error] [pid 1107208:tid 1107241] [client 52.59.199.1:0 ...
show more
[Fri Jul 03 22:01:07.218282 2026] [proxy_fcgi:error] [pid 1107208:tid 1107241] [client 52.59.199.1:0] AH01071: Got error 'Primary script unknown'
[Fri Jul 03 22:01:07.361570 2026] [proxy_fcgi:error] [pid 1107208:tid 1107257] [client 52.59.199.1:0] AH01071: Got error 'Primary script unknown'
[Fri Jul 03 22:01:07.553514 2026] [proxy_fcgi:error] [pid 1107206:tid 1107239] [client 52.59.199.1:0] AH01071: Got error 'Primary script unknown', referer: http://allmy.win/adminer.php
...
show less
Web Spam
Blog Spam
Web App Attack
Bad Web Bot
๐ฉ๐ช
roxyapi
2026-07-03 18:41:03
(50 minutes ago)
Honeypot: automated vulnerability scan / web app attack. Last probe: GET /adminer.php
Web App Attack
Bad Web Bot
๐บ๐ธ
deskpass.com
2026-07-03 18:28:20
(1 hour ago)
GET /adminer.php
Web App Attack
๐ง๐ช
taivas.nl
2026-07-03 18:02:10
(1 hour ago)
Bad_requests
Bad Web Bot
๐ซ๐ฎ
as211431.net
2026-07-03 18:00:53
(1 hour ago)
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1. ...
show more
Triggered Cloudflare WAF (firewallCustom) from DE.
Action taken: MANAGED_CHALLENGE
Protocol: HTTP/1.1 (GET method)
Endpoint: /
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/119.0
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
helios.live
2026-07-03 17:48:08
(1 hour ago)
2026/07/03 17:48:06 [error] 2997128#2997128: *709941 FastCGI sent in stderr: "Primary script unknown ...
show more
2026/07/03 17:48:06 [error] 2997128#2997128: *709941 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 52.59.199.1, server: kocerroxy.com, request: "GET /adminer.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php/php8.4-fpm-betakocerroxycom.sock:", host: "kocerroxy.com"
52.59.199.1 - - [03/Jul/2026:17:48:06 +0000] "GET /adminer.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
2026/07/03 17:48:06 [error] 2997128#2997128: *709941 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 52.59.199.1, server: kocerroxy.com, request: "GET /adminer.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php/php8.4-fpm-betakocerroxycom.sock:", host: "kocerroxy.com"
52.59.199.1 - - [03/Jul/2026:17:48:06 +0000] "GET /adminer.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/2010010
...
show less
Web App Attack
๐ต๐ฑ
strefapi_com
2026-07-03 17:45:00
(1 hour ago)
Brute-force, web
...
Hacking
Brute-Force
Web App Attack
๐ง๐ฌ
HighWay
2026-07-03 17:44:21
(1 hour ago)
52.59.199.1 - - [03/Jul/2026:17:44:17 +0000] "GET /adminer.php HTTP/1.1" 404 64293 "-" "Mozilla/5.0 ...
show more
52.59.199.1 - - [03/Jul/2026:17:44:17 +0000] "GET /adminer.php HTTP/1.1" 404 64293 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
52.59.199.1 - - [03/Jul/2026:17:44:18 +0000] "GET /adminer.php HTTP/1.1" 404 63745 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/119.0"
52.59.199.1 - - [03/Jul/2026:17:44:19 +0000] "GET /adminer.php HTTP/1.1" 404 64164 "http://jobseu.org/adminer.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Port Scan
Bad Web Bot
Web App Attack
๐ฌ๐ท
setupgr
2026-07-03 17:34:20
(1 hour ago)
(mod_security) mod_security (id:1000001) triggered by 52.59.199.1 (DE/Germany/Hesse/Frankfurt am Mai ...
show more
(mod_security) mod_security (id:1000001) triggered by 52.59.199.1 (DE/Germany/Hesse/Frankfurt am Main/-/[AS16509 AMAZON-02]): 1 in the last 86400 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Jul 03 20:34:15.893144 2026] [security2:error] [pid 3763573:tid 3763711] [client 52.59.199.1:3067] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/adminer.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "103"] [id "1000001"] [msg "Bad file blocked: /adminer.php"] [severity "CRITICAL"] [tag "security"] [hostname "ftiaxtomonosou.gr"] [uri "/adminer.php"] [unique_id "akfyl6ZOyGhY_V7YKT0yMQAABZE"]
show less
Port Scan
๐บ๐ธ
interbiznw.com
2026-07-03 17:27:21
(2 hours ago)
malicious-web-requests-vulnerability-scanning
Hacking
Brute-Force
Exploited Host
Web App Attack
๐ฌ๐ง
Smish
2026-07-03 17:24:27
(2 hours ago)
HONEYPOT HIT --> Fail2ban time=1783099465 log=2026-07-03T18:24:25+01:00 ip=52.59.199.1 host=as210667 ...
show more
HONEYPOT HIT --> Fail2ban time=1783099465 log=2026-07-03T18:24:25+01:00 ip=52.59.199.1 host=as210667.net method=GET uri="/adminer.php" status=404 ua="Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ref="-" rid=1f19e1a6ca76a560d882cee3fca73c8f
show less
Web App Attack