๐ฌ๐ง
consul.to
2026-07-10 20:25:03
(18 hours ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
Charlesiv
2026-07-10 08:03:19
(1 day ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: MANAGED_CHALLENGE
ASN: 14061 (Digit ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action taken: MANAGED_CHALLENGE
ASN: 14061 (DigitalOcean, LLC)
Protocol: HTTP/1.1 (GET method)
Endpoint: /_profiler/open
Query: ?file=config/services.yaml
Timestamp: 2026-07-10T07:38:46Z
Ray ID: a18de92adb5c83ad
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36
show less
Bad Web Bot
Anonymous
2026-07-09 05:06:03
(2 days ago)
<jail> banned by fail2ban
Brute-Force
Web App Attack
๐ฌ๐ง
consul.to
2026-07-09 04:01:57
(2 days ago)
Web attack/malicious scanning detected
Web App Attack
๐ฉ๐ฐ
ScamAware
2026-07-08 13:04:07
(3 days ago)
Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensiti ...
show more
Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensitive files, source control, config, and backups). Hits from same IP in last 60 minutes: 2. Unique request paths counted internally: 2. Cloudflare action: block. Cloudflare source: firewallCustom.
show less
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-08 05:17:34
(3 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1247
Exploited Host
Web App Attack
Anonymous
2026-07-07 23:47:04
(3 days ago)
Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1
Hacking
Web App Attack
Anonymous
2026-07-07 17:56:23
(3 days ago)
162.243.95.38 - [07/Jul/2026:10:56:13 -0700] family.idavoll.dynu.net "GET /.env HTTP/1.1" 404 4609
1 ...
show more
162.243.95.38 - [07/Jul/2026:10:56:13 -0700] family.idavoll.dynu.net "GET /.env HTTP/1.1" 404 4609
162.243.95.38 - [07/Jul/2026:10:56:14 -0700] family.idavoll.dynu.net "GET /_profiler/phpinfo HTTP/1.1" 404 4609
162.243.95.38 - [07/Jul/2026:10:56:19 -0700] family.idavoll.dynu.net "GET /_profiler/open?file=config/packages/swiftmailer.yaml HTTP/1.1" 404 4609
162.243.95.38 - [07/Jul/2026:10:56:21 -0700] family.idavoll.dynu.net "GET /_profiler/open?file=.env HTTP/1.1" 404 4610
162.243.95.38 - [07/Jul/2026:10:56:22 -0700] family.idavoll.dynu.net "GET /_profiler/open?file=config/services.yaml HTTP/1.1" 404 4608
...
show less
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-07 15:58:46
(3 days ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-07-06 14:36:04
(5 days ago)
162.243.95.38 - - [06/Jul/2026:17:35:56 +0300] "GET /.env HTTP/1.1" 404 4759 "-" "Mozilla/5.0 (Windo ...
show more
162.243.95.38 - - [06/Jul/2026:17:35:56 +0300] "GET /.env HTTP/1.1" 404 4759 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36"
162.243.95.38 - - [06/Jul/2026:17:36:03 +0300] "GET /_profiler/open?file=.env HTTP/1.1" 404 4760 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐ฉ๐ช
Skyrider
2026-07-06 09:20:10
(5 days ago)
Nginx: HTTP 4xx probe/scan attempts. Automated fail2ban report.
Bad Web Bot
Web App Attack
๐ฉ๐ฐ
ScamAware
2026-07-06 03:10:53
(5 days ago)
Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensiti ...
show more
Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensitive files, source control, config, and backups). Hits from same IP in last 60 minutes: 2. Unique request paths counted internally: 2. Cloudflare action: block. Cloudflare source: firewallCustom.
show less
Web App Attack
Anonymous
2026-07-06 01:32:18
(5 days ago)
nginx-444 from fail2ban
...
Web App Attack
๐ซ๐ฎ
oh.mg
2026-07-05 19:39:43
(5 days ago)
[Sun Jul 05 21:39:41.931488 2026] [security2:error] [pid 2802958:tid 2803007] [client 162.243.95.38: ...
show more
[Sun Jul 05 21:39:41.931488 2026] [security2:error] [pid 2802958:tid 2803007] [client 162.243.95.38:54464] [client 162.243.95.38] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "en.social.mmn.on.ca"] [uri "/.env"] [unique_id "akqy_Sp_vmfnQbA4h6mFsgAAANQ"]
[Sun Jul 05 21:39:43.626010 2026] [security2:error] [pid 2802957:tid 2802963] [client 162.243.95.38:54478] [client 162.243.95.38] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"]
...
show less
Web App Attack
Bad Web Bot
๐ณ๐ฑ
taivas.nl
2026-07-05 11:00:04
(6 days ago)
General_bad_requests
Bad Web Bot