๐ฑ๐น
juozaspo
2026-07-15 23:03:27
(3 hours ago)
Automatic Report: Too much requests to non-existing pages in a very short time, auto-banned
Bad Web Bot
Web App Attack
๐น๐ท
ycoskun41
2026-07-15 22:14:18
(4 hours ago)
fail2ban: plesk-modsecurity jail on genckocaeli.com
Web App Attack
๐ฟ๐ฆ
conure
2026-07-15 21:45:24
(4 hours ago)
csagent: score 20.8: 404 noise floor x3, secrets grab x2; 1 domain(s) in 0s
Web App Attack
๐ณ๐ฑ
debestelapp
2026-07-15 21:25:06
(5 hours ago)
Web App Attack
๐ฌ๐ง
consul.to
2026-07-15 20:58:31
(5 hours ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
kosada.com
2026-07-15 15:17:37
(11 hours ago)
Web vulnerability probing: /.env
Web App Attack
๐บ๐ธ
jcbriar
2026-07-15 15:07:19
(11 hours ago)
Searching for vulnerable scripts
Hacking
Web App Attack
๐ณ๐ฑ
MM-bot
2026-07-15 06:36:20
(20 hours ago)
URL-probe: HTTP/1.1 GET request on /wp-json (2026-07-15 08:36:20 UTC+2)
Web App Attack
Hacking
๐ฌ๐ท
setupgr
2026-07-15 02:07:42
(1 day ago)
(mod_security) mod_security (id:11000010) triggered by 104.28.197.13 (KR/South Korea/Chungcheongnam- ...
show more
(mod_security) mod_security (id:11000010) triggered by 104.28.197.13 (KR/South Korea/Chungcheongnam-do/Cheonan-si/-/[AS13335 CLOUDFLARENET]): 1 in the last 86400 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Wed Jul 15 05:07:41.018623 2026] [security2:error] [pid 997246:tid 997309] [remote 104.28.197.13:56198] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "OAI-SearchBot" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "114"] [id "11000010"] [msg "BLOCKED BOT: OAI-SearchBot on grafeioteletonkaragiannis.gr"] [severity "CRITICAL"] [hostname "grafeioteletonkaragiannis.gr"] [uri "/.aws/config"] [unique_id "albrbQ_LJv0Dtt48ot-s5wAEDAc"]
show less
Port Scan
๐ฉ๐ช
Holger
2026-07-15 01:02:57
(1 day ago)
Bruteforce WebAttack
Brute-Force
Web App Attack
๐ฎ๐น
CoreTech srl
2026-07-15 00:38:58
(1 day ago)
cloudlinux2 fail2ban: 2026-07-15 02:33:48,427 fail2ban.filter [1878]: INFO [plesk-wordpre ...
show more
cloudlinux2 fail2ban: 2026-07-15 02:33:48,427 fail2ban.filter [1878]: INFO [plesk-wordpress] Found 45.8.19.144 - 2026-07-15 02:33:47cloudlinux2 fail2ban: 2026-07-15 02:33:47,701 fail2ban.filter [1878]: INFO [plesk-wordpress] Found 45.8.19.173 - 2026-07-15 02:33:46cloudlinux2 fail2ban: 2026-07-15 02:34:24,696 fail2ban.filter [1878]: INFO [plesk-wordpress] Found 142.111.152.81 - 2026-07-15 02:34:23cloudlinux2 fail2ban: 2026-07-15 02:34:35,480 fail2ban.filter [1878]: INFO [plesk-wordpress] Found 172.98.32.65 - 2026-07-15 02:34:34cloudlinux2 fail2ban: 2026-07-15 02:34:41,781 fail2ban.filter [1878]: INFO [plesk-wordpress] Found 173.239.211.149 - 2026-07-15 02:34:39cloudlinux2 fail2ban: 2026-07-15 02:34:40,978 fail2ban.filter [1878]: INFO [plesk-wordpress] Found 173.239.211.169 - 2026-07-15 02:34:39cloudlinux2 fail2ban: 2026-07-15 02:34:36,401 fail2ban.filter [1878]: INFO [plesk-wordpress] Found 172.98.32.61 - 2026-07-15 02:34:34cloudlinux
show less
Web App Attack
Anonymous
2026-07-15 00:34:17
(1 day ago)
(caddyscan) Scanner path probe from 104.28.197.13 (KR/South Korea/-): 5 in the last 3600 secs; Ports ...
show more
(caddyscan) Scanner path probe from 104.28.197.13 (KR/South Korea/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 104.28.197.13 - - [15/Jul/2026:00:34:14 +0000] "GET /.vscode/launch.json HTTP/1.1"
[REDACTED] 200 2627 104.28.197.13 - - [15/Jul/2026:00:34:14 +0000] "GET /.ssh/id_ed25519 HTTP/1.1"
[REDACTED] 200 2627 104.28.197.13 - - [15/Jul/2026:00:34:14 +0000] "GET /.ssh/id_rsa HTTP/1.1"
[REDACTED] 200 2627 104.28.197.13 - - [15/Jul/2026:00:34:14 +0000] "GET /.ssh/id_ecdsa HTTP/1.1"
[REDACTED] 200 2627 104.28.197.13 - - [15/Jul/2026:00:34:15 +0000] "GET /.ssh/config HTTP/1.1"
show less
Port Scan
๐ซ๐ท
masterguru
2026-07-15 00:13:23
(1 day ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.28.197.13 (KR/South Korea/-): 1 in the las ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.28.197.13 (KR/South Korea/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐จ๐ญ
Origon
2026-07-14 20:21:45
(1 day ago)
http-probing - IP: 104.28.197.13 - time="2026-07-14T22:21:45+02:00" level=info msg="(555f66b4f6a745 ...
show more
http-probing - IP: 104.28.197.13 - time="2026-07-14T22:21:45+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 104.28.197.13 (DE/13335) : 4h ban on Ip 104.28.197.13" module=db
show less
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-14 19:52:44
(1 day ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247
Exploited Host
Web App Attack