๐ฉ๐ช
LRob.fr
2026-05-01 16:37:10
(1 month ago)
Apache web server attack detected by Fail2Ban in plesk-apache jail
Web App Attack
๐ฉ๐ช
DEV-DNS
2026-04-12 11:28:36
(2 months ago)
(mod_security) mod_security triggered on hostname [redacted])
SQL Injection
๐บ๐ธ
Charlesiv
2026-04-12 08:02:24
(2 months ago)
Triggered Cloudflare WAF (firewallCustom) from NL.
Action taken: BLOCK
ASN: 51396 (PFCLOUD Pfcloud U ...
show more
Triggered Cloudflare WAF (firewallCustom) from NL.
Action taken: BLOCK
ASN: 51396 (PFCLOUD Pfcloud UG)
Protocol: HTTP/1.1 (GET method)
Endpoint: /
Timestamp: 2026-04-12T07:34:19Z
Ray ID: 9eb08c454bbadde3
UA: Empty string
show less
Bad Web Bot
๐ฉ๐ช
FeG Deutschland
2026-04-12 06:54:23
(2 months ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12
Exploited Host
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2026-04-12 05:15:56
(2 months ago)
26 attacks on env grabbing URLs, site downloads, PHP URLs, password grabbing URLs, config grabbing U ...
show more
26 attacks on env grabbing URLs, site downloads, PHP URLs, password grabbing URLs, config grabbing URLs (type 2), VC URLs:
GET /.env.bak HTTP/1.1
GET /db1.sql HTTP/1.1
GET /tool/view/phpinfo.view.php HTTP/1.1
GET /.aws/credentials HTTP/1.1
GET /config/aws.yml HTTP/1.1
GET /.git/config HTTP/1.1
show less
Hacking
Web App Attack
๐ง๐ช
madeit
2026-04-12 05:01:35
(2 months ago)
Web App Attack
๐ซ๐ฎ
6kilowatti
2026-04-12 02:55:04
(2 months ago)
[12/Apr/2026:02:55:00 +0000] - 404 404 - GET http jarno.6kw.fi "/.env" [Client 176.65.132.46] [Lengt ...
show more
[12/Apr/2026:02:55:00 +0000] - 404 404 - GET http jarno.6kw.fi "/.env" [Client 176.65.132.46] [Length 25220] [Gzip -] [Sent-to 10.144.0.15] "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/120.0.0.0" "-"
[12/Apr/2026:02:55:04 +0000] - 404 404 - GET http jarno.6kw.fi "/.env.bak" [Client 176.65.132.46] [Length 25220] [Gzip -] [Sent-to 10.144.0.15] "Mozilla/5.0 (iPhone; CPU iPhone OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1" "-"
...
show less
Web App Attack
๐บ๐ธ
Ar1s
2026-04-12 01:51:16
(2 months ago)
[1:2019526] ET WEB_SERVER WEB-PHP phpinfo access ::: Port: 80/TCP
Exploited Host
๐บ๐ธ
Gabriel Camargo
2026-04-12 01:36:54
(2 months ago)
176.65.132.46 - - [11/Apr/2026:20:36:51 -0500] "POST / HTTP/1.1" 301 178 "-" "Mozilla/5.0 (Windows N ...
show more
176.65.132.46 - - [11/Apr/2026:20:36:51 -0500] "POST / HTTP/1.1" 301 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
176.65.132.46 - - [11/Apr/2026:20:36:52 -0500] "POST / HTTP/1.1" 301 178 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15"
176.65.132.46 - - [11/Apr/2026:20:36:53 -0500] "GET / HTTP/1.1" 301 178 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15"
...
show less
Brute-Force
SSH
๐ฌ๐ง
andypiper
2026-04-12 01:01:54
(2 months ago)
CrowdSec ban for AbuseIPDB Top List
Brute-Force
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-04-12 01:00:12
(2 months ago)
176.65.132.46 - - [12/Apr/2026:04:00:10 +0300] "GET /.env HTTP/1.1" 404 706 "-" "Mozilla/5.0 (Window ...
show more
176.65.132.46 - - [12/Apr/2026:04:00:10 +0300] "GET /.env HTTP/1.1" 404 706 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0"
176.65.132.46 - - [12/Apr/2026:04:00:11 +0300] "GET /config/.env HTTP/1.1" 404 706 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ธ
Charlesiv
2026-04-12 00:12:41
(2 months ago)
Triggered Cloudflare WAF (firewallCustom) from NL.
Action taken: BLOCK
ASN: 51396 (PFCLOUD Pfcloud U ...
show more
Triggered Cloudflare WAF (firewallCustom) from NL.
Action taken: BLOCK
ASN: 51396 (PFCLOUD Pfcloud UG)
Protocol: HTTP/1.1 (GET method)
Endpoint: /
Timestamp: 2026-04-11T22:39:28Z
Ray ID: 9ead7ccdcf885c43
UA: Empty string
show less
Bad Web Bot
๐ฌ๐ง
www.elivecd.org
2026-04-11 23:23:30
(2 months ago)
176.65.132.46 - - [12/Apr/2026:00:23:29 +0100] "GET /_profiler/phpinfo.php HTTP/1.1" 301 162 "-" "Mo ...
show more
176.65.132.46 - - [12/Apr/2026:00:23:29 +0100] "GET /_profiler/phpinfo.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
176.65.132.46 - - [12/Apr/2026:00:23:29 +0100] "GET /_profiler/phpinfo.php HTTP/1.1" 404 548 "http://hostvu2.elivecd.org/_profiler/phpinfo.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
176.65.132.46 - - [12/Apr/2026:00:23:29 +0100] "GET /_profiler/info.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (iPad; CPU OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1"
176.65.132.46 - - [12/Apr/2026:00:23:29 +0100] "GET /_profiler/info.php HTTP/1.1" 404 146 "http://hostvu2.elivecd.org/_profiler/info.php" "Mozilla/5.0 (iPad; CPU OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1"
176.65.132.46 - - [12/Apr/202
...
show less
DDoS Attack
๐ณ๐ฑ
Site.eu
2026-04-11 22:54:03
(2 months ago)
Excessive multi-domain requests
Brute-Force
๐ฉ๐ช
ger-stg-sifi1
2026-04-11 22:47:17
(2 months ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack