๐ฉ๐ช
LRob
2026-07-11 04:23:10
(21 hours ago)
CrowdSec: crowdsecurity/http-probing | req: ["/api-docs","/swagger/v1/swagger.json","/v2/api-docs"," ...
show more
CrowdSec: crowdsecurity/http-probing | req: ["/api-docs","/swagger/v1/swagger.json","/v2/api-docs","/api/v1/swagger.json","/swagger.json","/openapi.json","/api/v2/swagger.json","/docs/swagger.json","/api/docs","/v3/api-docs","/api/swagger.json"] | UA: ["Mozilla/5.0 (X11; Linux x86_64; rv:148.0) Gecko/20100101 Firefox/148.0","Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML,
show less
Port Scan
Web App Attack
๐จ๐ฆ
SSH-Admin
2026-07-11 04:00:05
(22 hours ago)
Probing for Exploits on ns200
Exploited Host
Web App Attack
๐จ๐ฆ
SSH-Admin
2026-07-11 03:19:02
(22 hours ago)
Probing for Exploits on ns56
Exploited Host
Web App Attack
๐ซ๐ท
Lunix
2026-07-11 02:55:56
(23 hours ago)
Brute-Force
Web App Attack
๐ซ๐ท
โจ
2026-07-11 02:49:16
(23 hours ago)
Domain : adventurephotographs.com
Rule : DangerQueryString
2026-07-11 02:47:31 ***hidden-privacy***4 ...
show more
Domain : adventurephotographs.com
Rule : DangerQueryString
2026-07-11 02:47:31 ***hidden-privacy***48 GET /iceland/golden_circle/geyser/index.aspx c=0' 80 - 136.0.213.155 HTTP/1.1 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 - adventurephotographs.com 302 0 0 629 727 64 - -
show less
Web App Attack
๐ฎ๐ฑ
spd.co.il
2026-07-08 23:01:33
(3 days ago)
Web application attack detected
Hacking
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-06 19:43:11
(5 days ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ธ๐ช
vaia.cloud
2026-07-06 19:17:01
(5 days ago)
trying wp-login.php/xmlrpc.php 45 times in 1 minutes
Brute-Force
Web App Attack
๐ฎ๐น
mediarama.com
2026-07-06 10:07:25
(5 days ago)
Banned by Fail2Ban
Web App Attack
๐ฆ๐บ
afleventoffice.com.au
2026-07-06 09:51:02
(5 days ago)
GET /swagger/v2/swagger.json HTTP/1.1
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 19:07:51
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 136.0.213.155 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 136.0.213.155 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 15:07:46.351979 2026] [security2:error] [pid 4588:tid 4588] [client 136.0.213.155:60367] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingscruff.com"] [uri "/.env"] [unique_id "akgIgslZ5KvXV1lww9-7kAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Lee Daniel
2026-07-03 18:55:43
(1 week ago)
136.0.213.155 - - [03/Jul/2026:14:55:42 -0400] "GET /.env HTTP/1.1" 403 6281 "-" "Mozilla/5.0 (iPhon ...
show more
136.0.213.155 - - [03/Jul/2026:14:55:42 -0400] "GET /.env HTTP/1.1" 403 6281 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) FxiOS/148.0 Mobile/15E148 Safari/605.1.15"
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 18:35:36
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 136.0.213.155 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 136.0.213.155 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 14:35:31.966526 2026] [security2:error] [pid 10903:tid 10973] [client 136.0.213.155:57219] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seips.org"] [uri "/.env"] [unique_id "akgA8yDGidLkM-qYcAWPiwAAAMA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
voormedia
2026-07-03 18:08:45
(1 week ago)
Accessed trap at '/.env'
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 18:02:16
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 136.0.213.155 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 136.0.213.155 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 14:02:11.300674 2026] [security2:error] [pid 1914:tid 1914] [client 136.0.213.155:42464] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "infolinkqr.com"] [uri "/.env"] [unique_id "akf5I-V9fIIjd6kJ8hR8QwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack