Anonymous
2026-07-18 01:52:40
(25 minutes ago)
Detected by CrowdSec: crowdsecurity/http-bad-user-agent
Web App Attack
๐ซ๐ท
Campus France
2026-07-18 01:50:12
(28 minutes ago)
[Sat Jul 18 03:50:11.818225 2026] [php:error] [pid 922870] [client 74.248.124.144:32765] script '/va ...
show more
[Sat Jul 18 03:50:11.818225 2026] [php:error] [pid 922870] [client 74.248.124.144:32765] script '/var/www/html/this_is_a_new_hello_world.php' not found or unable to stat
[Sat Jul 18 03:50:11.849052 2026] [php:error] [pid 922870] [client 74.248.124.144:32765] script '/var/www/html/wp-check.php' not found or unable to stat
[Sat Jul 18 03:50:11.878795 2026] [php:error] [pid 922870] [client 74.248.124.144:32765] script '/var/www/html/wp-logins.php' not found or unable to stat
[Sat Jul 18 03:50:11.909221 2026] [php:error] [pid 922870] [client 74.248.124.144:32765] script '/var/www/html/wp-logs.php' not found or unable to stat
[Sat Jul 18 03:50:11.942798 2026] [php:error] [pid 922870] [client 74.248.124.144:32765] script '/var/www/html/ww.php' not found or unable to stat
...
show less
Brute-Force
Web App Attack
๐ง๐ท
dominioz
2026-07-18 01:29:46
(48 minutes ago)
2026-07-18 01:29:02 POST /wp-plain.php - - 74.248.124.144 HTTP/1.1 Mozilla/5.0+(Linux;+Android+7.0;+ ...
show more
2026-07-18 01:29:02 POST /wp-plain.php - - 74.248.124.144 HTTP/1.1 Mozilla/5.0+(Linux;+Android+7.0;+SM-G892A+Bulid/NRD90M;+wv)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Version/4.0+Chrome/60.0.3112.107+Moblie+Safari/537.36 www.google.com 404 105051
2026-07-18 01:29:03 POST /ALFA_DATA/alfacgiapi/perl.alfa - - 74.248.124.144 HTTP/1.1 Mozlila/5.0+(Linux;+Android+7.0;+SM-G892A+Bulid/NRD90M;+wv)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Version/4.0+Chrome/60.0.3112.107+Moblie+Safari/537.36 www.google.com 404 105051
2026-07-18 01:29:03 POST /alfacgiapi/perl.alfa - - 74.248.124.144 HTTP/1.1 Mozlila/5.0+(Linux;+Android+7.0;+SM-G892A+Bulid/NRD90M;+wv)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Version/4.0+Chrome/60.0.3112.107+Moblie+Safari/537.36 www.google.com 404 105051
2026-07-18 01:29:09 GET /ycledhaj.php Fox=d3wL7 - 74.248.124.144 HTTP/1.1 Mozilla/5.0+(Linux;+Android+7.0;+SM-G892A+Bulid/NRD90M;+wv)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Version/4.0+Chrome/60.0.3112.107+Moblie+Safari/537.36 www.googl
...
show less
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-07-18 01:27:58
(50 minutes ago)
Unauthorized access to webpage admin
Web App Attack
๐ฉ๐ช
pltcldvlpr
2026-07-18 01:23:21
(55 minutes ago)
CMS/framework probe: 74.248.124.144 - - [18/Jul/2026:03:23:21 +0200] "GET /wp-content/plugins/hellop ...
show more
CMS/framework probe: 74.248.124.144 - - [18/Jul/2026:03:23:21 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 178 "-" "-" asn=8075 org="Microsoft Corporation" country=PL
...
show less
Web App Attack
๐ซ๐ท
Catalin Negru
2026-07-18 01:15:16
(1 hour ago)
Recidive ban by fail2ban on server.blackbit.ro
Brute-Force
๐ซ๐ท
โจ
2026-07-18 01:12:10
(1 hour ago)
Domain : mgt.co.com
Rule : config
2026-07-18 01:10:25 ***hidden-privacy***46 GET /wp-configer.php - ...
show more
Domain : mgt.co.com
Rule : config
2026-07-18 01:10:25 ***hidden-privacy***46 GET /wp-configer.php - 443 - 74.248.124.144 HTTP/1.1 - - mgt.co.com 404 0 2 5218 51 57 - -
show less
Hacking
SQL Injection
๐ฌ๐ง
thetomtaylor.co.uk
2026-07-18 01:08:02
(1 hour ago)
Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,ice02,wa01,wa02]
Hacking
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
madaello
2026-07-18 01:06:09
(1 hour ago)
74.248.124.144 - - [18/Jul/2026:03:06:08 +0200] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" ...
show more
74.248.124.144 - - [18/Jul/2026:03:06:08 +0200] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 404 4629 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
74.248.124.144 - - [18/Jul/2026:03:06:08 +0200] "POST /wp-plain.php HTTP/1.1" 404 4338 "www.google.com" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
74.248.124.144 - - [18/Jul/2026:03:06:08 +0200] "POST /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 404 4628 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
74.248.124.144 - - [18/Jul/2026:03:06:08 +0200] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 404 558 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; w
...
show less
Port Scan
๐ฎ๐ฉ
zam
2026-07-18 01:04:00
(1 hour ago)
74.248.124.144 - - [18/Jul/2026:01:03:55 +0000] "GET /wp-uploads.php HTTP/1.1" 301 289
Web App Attack
๐ฌ๐ง
andypiper
2026-07-18 01:02:34
(1 hour ago)
CrowdSec ban for AbuseIPDB Top List
Brute-Force
Web App Attack
๐ซ๐ฎ
as211431.net
2026-07-18 00:54:18
(1 hour ago)
Triggered Cloudflare WAF (firewallCustom) from PL.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET metho ...
show more
Triggered Cloudflare WAF (firewallCustom) from PL.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /wp-uploads.php
UA: Empty string
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฆ๐บ
paulshipley.com.au
2026-07-18 00:53:36
(1 hour ago)
[Sat Jul 18 10:53:35.957193 2026] [security2:error] [pid 708656] [client 74.248.124.144:31179] [clie ...
show more
[Sat Jul 18 10:53:35.957193 2026] [security2:error] [pid 708656] [client 74.248.124.144:31179] [client 74.248.124.144] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "shotbysuzanne.com.au"] [uri "/wp-plain.php"] [unique_id "alrOj0oHZIptotArbwkKkQAAAA8"], referer: www.google.com
...
show less
Web App Attack
๐ต๐ฑ
nfsec.pl
2026-07-18 00:51:18
(1 hour ago)
74.248.124.144 - - [18/Jul/2026:00:50:26 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.p ...
show more
74.248.124.144 - - [18/Jul/2026:00:50:26 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 403 387 "-" "-"
74.248.124.144 - - [18/Jul/2026:00:51:06 +0000] "GET /wp-check.php HTTP/1.1" 403 387 "-" "-"
74.248.124.144 - - [18/Jul/2026:00:51:08 +0000] "GET /wp-logins.php HTTP/1.1" 403 387 "-" "-"
74.248.124.144 - - [18/Jul/2026:00:51:16 +0000] "GET /ww.php HTTP/1.1" 403 387 "-" "-"
74.248.124.144 - - [18/Jul/2026:00:51:18 +0000] "GET /meta.php HTTP/1.1" 403 387 "-" "-"
...
show less
Web App Attack
Exploited Host
Anonymous
2026-07-18 00:48:42
(1 hour ago)
74.248.124.144 - - [17/Jul/2026:21:48:37 -0300] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" ...
show more
74.248.124.144 - - [17/Jul/2026:21:48:37 -0300] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 301 162 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
74.248.124.144 - - [17/Jul/2026:21:48:39 -0300] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 301 162 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
74.248.124.144 - - [17/Jul/2026:21:48:40 -0300] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 404 1807 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
...
show less
Port Scan