Anonymous
2026-07-05 00:50:35
(1 week ago)
[ns3.backorder.gr] httpd-404: sites=www.example.com; logs=/var/log/httpd/access_log; samples=/ | /lo ...
show more
[ns3.backorder.gr] httpd-404: sites=www.example.com; logs=/var/log/httpd/access_log; samples=/ | /logs | /.aws/credentials
show less
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-04 22:23:27
(1 week ago)
[Sun Jul 05 08:23:26.449834 2026] [security2:error] [pid 852959] [client 139.162.82.117:45866] [clie ...
show more
[Sun Jul 05 08:23:26.449834 2026] [security2:error] [pid 852959] [client 139.162.82.117:45866] [client 139.162.82.117] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "paulshipley.com.au"] [uri "/debug.log"] [unique_id "akmH3gxbuGpUj3PqXDIPKQAAABA"]
...
show less
Web App Attack
๐ซ๐ฎ
kumiko
2026-07-04 16:12:34
(1 week ago)
[2026-07-04 19:12:33] Probing for dotfiles
"GET /.github/workflows/*.yml HTTP/1.1" 403
Bad Web Bot
Web App Attack
๐ง๐ท
Vieira Filho
2026-07-04 15:46:06
(1 week ago)
139.162.82.117 - - [04/Jul/2026:12:46:04 -0300] [35.198.31.82] "35.198.31.82" "GET /api/admin HTTP/ ...
show more
139.162.82.117 - - [04/Jul/2026:12:46:04 -0300] [35.198.31.82] "35.198.31.82" "GET /api/admin HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 0.000
139.162.82.117 - - [04/Jul/2026:12:46:05 -0300] [35.198.31.82] "35.198.31.82" "GET /secrets.ts HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 0.000
139.162.82.117 - - [04/Jul/2026:12:46:05 -0300] [35.198.31.82] "35.198.31.82" "GET /.travis.yml HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 0.000
139.162.82.117 - - [04/Jul/2026:12:46:05 -0300] [35.198.31.82] "35.198.31.82" "GET /keys.js HTTP/1.1" 404 571 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 0.000
139.162.82.117 - - [04/Jul/2026:12:46:05 -0300] [3
...
show less
Brute-Force
Web App Attack
Exploited Host
๐ฉ๐ช
petardimic
2026-07-04 13:40:03
(1 week ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
๐ณ๐ฑ
bazter.pro
2026-07-04 11:01:47
(1 week ago)
139.162.82.117 - - [04/Jul/2026:11:01:46 +0000] "GET /.env HTTP/1.1" 404 297 "-" "Mozilla/5.0 (Windo ...
show more
139.162.82.117 - - [04/Jul/2026:11:01:46 +0000] "GET /.env HTTP/1.1" 404 297 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36"
...
show less
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
SSH
๐ฉ๐ช
XICTRON
2026-07-03 17:00:04
(1 week ago)
ModSecurity rule violation detected by Fail2Ban
Web App Attack
Anonymous
2026-07-03 14:27:18
(1 week ago)
Bot detected scanning for vulnerable pages
Port Scan
Anonymous
2026-07-03 13:36:40
(1 week ago)
RdpGuard detected brute-force attempt on HTTP
Brute-Force
๐ซ๐ท
Little Iguana
2026-07-03 11:40:26
(1 week ago)
Attempt to hack Wordpress Login, XMLRPC or other login
Hacking
๐บ๐ธ
i553041
2026-07-03 06:07:58
(1 week ago)
139.162.82.117 - - [03/Jul/2026:06:07:56 +0000] "GET / HTTP/1.1" 200 409 "-" "Mozilla/5.0 (Windows N ...
show more
139.162.82.117 - - [03/Jul/2026:06:07:56 +0000] "GET / HTTP/1.1" 200 409 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36"
139.162.82.117 - - [03/Jul/2026:06:07:57 +0000] "GET / HTTP/1.1" 200 409 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36"
139.162.82.117 - - [03/Jul/2026:06:07:57 +0000] "GET /.serverless/serverless-state.json HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36"
139.162.82.117 - - [03/Jul/2026:06:07:57 +0000] "GET /.env.aws HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36"
139.162.82.117 - - [03/Jul/2026:06:07:57 +0000] "GET /.env.production.local HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.
...
show less
Brute-Force
SSH
๐ณ๐ฑ
sernate
2026-07-03 03:39:17
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 139.162.82.117 (JP/Japan/139-162-82-117.ip.lino ...
show more
(mod_security) mod_security (id:210492) triggered by 139.162.82.117 (JP/Japan/139-162-82-117.ip.linodeusercontent.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC
show less
Brute-Force
๐ฉ๐ช
IloGus
2026-07-03 03:15:28
(1 week ago)
WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail
Web App Attack
๐ฉ๐ช
nyt
2026-07-02 20:42:28
(1 week ago)
404 flood (16/60s), Sensitive File Probe, 404 flood (17/60s)
Bad Web Bot
Web App Attack
๐ฉ๐ช
Teufel100
2026-07-02 20:30:15
(1 week ago)
ModSecurity rejected a query
Brute-Force
Hacking
Web App Attack