๐ซ๐ฎ
Jordy
2026-01-11 17:15:56
(6 months ago)
11/Jan/2026:18:15:37.966775 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client ...
show more
11/Jan/2026:18:15:37.966775 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 194.195.119.248] ModSecurity: Warning. Pattern match "(?:\\\\\\\\$(?:\\\\\\\\((?:\\\\\\\\(.*\\\\\\\\)|.*)\\\\\\\\)|\\\\\\\\{.*\\\\\\\\})|[<>]\\\\\\\\(.*\\\\\\\\))" at ARGS:0. [file "/usr/share/modsecurity-crs/rules/REQUEST-932-APPLICATION-ATTACK-RCE.conf"] [line "367"] [id "932130"] [msg "Remote Command Execution: Unix Shell Expression Found"] [data "Matched Data: $((41*271))) found within ARGS:0: {then:$1:__proto__:then status:resolved_model reason:-1 value:{then:$b1337} _response:{_prefix:var res=process.mainmodule.require(child_process).execsync(echo $((41*271))).tostring().trim() throw object.assign(new error(next_redirect) {digest: `next_redirect push/login?a=${res} 307 `}) _chunks:$q2 _formdata:{get:$1:constructor:constructor}}}"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-shell"] [tag "platform-unix"] [tag "attack-rce"] [tag "paranoia-le
...
show less
Web App Attack
๐ณ๐ฑ
valryx
2026-01-11 11:40:34
(6 months ago)
๐ก๏ธ Cloudflare WAF - 4 malicious requests
Actions: block
Sources: firewallManaged, firewallCustom
Cou ...
show more
๐ก๏ธ Cloudflare WAF - 4 malicious requests
Actions: block
Sources: firewallManaged, firewallCustom
Country: IN
Attacked paths:
โข /
User-Agent: python-requests/2.32.5
show less
Bad Web Bot
๐บ๐ธ
LotPhantom
2026-01-11 10:00:16
(6 months ago)
194.195.119.248 - - [11/Jan/2026:09:59:16 +0000] "HEAD / HTTP/1.1" 200 0 "-" "python-requests/2.32.5 ...
show more
194.195.119.248 - - [11/Jan/2026:09:59:16 +0000] "HEAD / HTTP/1.1" 200 0 "-" "python-requests/2.32.5" "0"
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
lavnet.net
2026-01-11 07:36:23
(6 months ago)
[Sun Jan 11 07:36:21.155343 2026] [authz_core:error] [pid 1084434:tid 1084473] [client 194.195.119.2 ...
show more
[Sun Jan 11 07:36:21.155343 2026] [authz_core:error] [pid 1084434:tid 1084473] [client 194.195.119.248:55186] AH01630: client denied by server configuration: /var/www/thejunkymonkey.com/web/index.php
[Sun Jan 11 07:36:21.155581 2026] [authz_core:error] [pid 1084434:tid 1084473] [client 194.195.119.248:55186] AH01630: client denied by server configuration: /var/www/thejunkymonkey.com/web/index.php
[Sun Jan 11 07:36:23.065491 2026] [authz_core:error] [pid 1084434:tid 1084471] [client 194.195.119.248:55192] AH01630: client denied by server configuration: /var/www/thejunkymonkey.com/web/index.php
...
show less
Brute-Force
๐จ๐ฟ
ddw
2026-01-11 04:48:38
(6 months ago)
ModSecurity detection - Rules: 949110(Inbound Anomaly Score Exceeded (Total Score: 40))
Web App Attack
๐ซ๐ท
masterguru
2026-01-11 03:39:35
(6 months ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 194.195.119.248 (IN/India/194-195-119 ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 194.195.119.248 (IN/India/194-195-119-248.ip.linodeusercontent.com): 1 in the last 3600 secs (0-196)
show less
Hacking
๐ฉ๐ช
Hugopvigo
2026-01-10 21:43:32
(6 months ago)
"2026-01-10 21:43:31+00:00 194.195.119.248 IP con score alto (100) detectada en el log."
Brute-Force
SSH
Anonymous
2026-01-10 18:31:42
(6 months ago)
Portscan: TCP/443 (7x)
Port Scan
๐ญ๐ณ
unph
2026-01-10 17:55:38
(6 months ago)
Intento de acceso sospechoso en el login de WordPress
Brute-Force
๐น๐ญ
MWA SOC
2026-01-10 15:51:31
(6 months ago)
Hacking
Anonymous
2026-01-10 15:06:29
(6 months ago)
Automated report (2026-01-10T15:06:29+00:00). Scraper detected.
Open Proxy
Bad Web Bot
๐ฉ๐ช
sdos.es
2026-01-10 13:24:14
(6 months ago)
"Remote Command Execution: Unix Shell Expression Found - Matched Data: $((41*271))) found within ARG ...
show more
"Remote Command Execution: Unix Shell Expression Found - Matched Data: $((41*271))) found within ARGS:0: {then:$1:__proto__:then status:resolved_model reason:-1 value:{then:$b1337} _response:{_prefix:var res=process.mainmodule.require(child_process).execsync(echo $((41*271))).tostring().trim() throw object.assign(new error(next_redirect) {digest: `next_redirect push/login?a=${res} 307 `}) _chunks:$q2 _formdata:{get:$1:constructor:constructor}}}"
show less
Web App Attack
Anonymous
2026-01-10 10:54:14
(6 months ago)
Reported from Nginx log analysis 19. Log: 194.195.119.248 - - [10/Jan/2026:xx:xx:xx 0100] "POST / H ...
show more
Reported from Nginx log analysis 19. Log: 194.195.119.248 - - [10/Jan/2026:xx:xx:xx 0100] "POST / HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36 Assetnote/1.0.0" "-" "IN India Mumbai" "AS63949" "Akamai Connected Cloud"
show less
Port Scan
Brute-Force
SSH
๐ฎ๐ณ
dineshskt4all
2026-01-10 10:13:38
(6 months ago)
194.195.119.248 - - [10/Jan/2026:10:13:35 +0000] "HEAD / HTTP/1.0" 200 662 "-" "python-requests/2.32 ...
show more
194.195.119.248 - - [10/Jan/2026:10:13:35 +0000] "HEAD / HTTP/1.0" 200 662 "-" "python-requests/2.32.5"
...
show less
IoT Targeted
๐ฏ๐ต
Valhalla
2026-01-10 10:05:18
(6 months ago)
~ suspicious post ~
Hacking
Web App Attack