๐ต๐น
redmihype
2026-06-19 13:39:37
(1 week ago)
Port scan (CrowdSec)
Port Scan
๐น๐ญ
MWA SOC
2026-06-17 07:05:12
(2 weeks ago)
Hacking
Anonymous
2026-06-17 06:58:07
(2 weeks ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
๐ฉ๐ช
joharikop
2026-06-17 05:24:23
(2 weeks ago)
Nginx: credential/secret file probe (/.env, /.git, /.aws etc). Automated ban via fail2ban nginx-cred ...
show more
Nginx: credential/secret file probe (/.env, /.git, /.aws etc). Automated ban via fail2ban nginx-credential-probes jail.
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 05:17:42
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 165.245.248.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 165.245.248.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 01:17:36.674033 2026] [security2:error] [pid 29063:tid 29082] [client 165.245.248.18:48152] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.17"] [uri "/.git/HEAD"] [unique_id "ajIt8Gf3LGQYS8Xn8-E2AAAAAE0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-17 04:44:51
(2 weeks ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 04:43:08
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 165.245.248.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 165.245.248.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 00:43:00.267477 2026] [security2:error] [pid 13952:tid 13952] [client 165.245.248.18:51274] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.236"] [uri "/.git/HEAD"] [unique_id "ajIl1MpVsPYN7qlxVRBxwAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Roderic
2026-06-17 04:30:42
(2 weeks ago)
(apache_scanners-2) Failed apache-scanners trigger with match [redacted])
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-17 04:03:25
(2 weeks ago)
(mod_security) mod_security (id:949110) triggered by 165.245.248.18 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:949110) triggered by 165.245.248.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 00:03:21.720716 2026] [security2:error] [pid 31948:tid 31948] [client 165.245.248.18:36740] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "192.64.150.239"] [uri "/.git/HEAD"] [unique_id "ajIciajp5JiC43yG9Y7RvgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
dpsbs
2026-06-17 03:12:58
(2 weeks ago)
url scanning on multiple public ips detected
Bad Web Bot
๐บ๐ธ
MPL
2026-06-17 01:46:48
(2 weeks ago)
tcp port scan (10 or more attempts)
Port Scan
๐ท๐ธ
Scan
2026-06-17 01:20:04
(2 weeks ago)
MultiHost/MultiPort Probe, Scan, Hack -
Port Scan
Hacking
๐ณ๐ฑ
debestelapp
2026-06-17 00:29:45
(2 weeks ago)
Web App Attack
๐ซ๐ท
โจ
2026-06-17 00:24:12
(2 weeks ago)
Rule : Security
Rule: Security
Event: Security
0 - %592 165.245.248.18 46318 77.90.37.154 2086 6 ...
show more
Rule : Security
Rule: Security
Event: Security
0 - %592 165.245.248.18 46318 77.90.37.154 2086 6 Stealth 154698 %597 13
show less
Port Scan
Hacking
Brute-Force