๐ต๐ฑ
sledzik1984
2026-06-28 10:07:49
(15 hours ago)
195.164.49.74 - - [28/Jun/2026:12:04:26 +0200] "POST /ajax.php?do=inforum&listforumid=(select(0)from ...
show more
195.164.49.74 - - [28/Jun/2026:12:04:26 +0200] "POST /ajax.php?do=inforum&listforumid=(select(0)from(select(sleep(6)))v)/*'%2B(select(0)from(select(sleep(6)))v)%2B'\x22%2B(select(0)from(select(sleep(6)))v)%2B\x22*/&result=10 HTTP/1.1" 404 125 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
195.164.49.74 - - [28/Jun/2026:12:05:01 +0200] "GET /sites/all/libraries/elfinder/connectors/php/connector.php HTTP/1.1" 404 125 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
195.164.49.74 - - [28/Jun/2026:12:07:48 +0200] "GET /admin/spider.php HTTP/1.1" 404 125 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
...
show less
Web App Attack
๐ต๐ฑ
sledzik1984
2026-06-28 06:58:10
(18 hours ago)
2026/06/28 06:39:25 [error] 2450514#2450514: *255204 directory index of "/usr/share/phpmyadmin/theme ...
show more
2026/06/28 06:39:25 [error] 2450514#2450514: *255204 directory index of "/usr/share/phpmyadmin/themes/pmahomme/jquery/" is forbidden, client: 195.164.49.74, server: , request: "GET /themes/pmahomme/jquery/ HTTP/1.1", host: "89.25.168.76:81"
195.164.49.74 - - [28/Jun/2026:08:56:08 +0200] "GET /esp/cms_changeDeviceContext.esp?device=aaaaa:a%27\x22;user|s.\x221337\x22; HTTP/1.1" 200 4552 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
195.164.49.74 - - [28/Jun/2026:08:58:10 +0200] "\x00\x00\x00\x00" 400 157 "-" "-"
...
show less
Web App Attack
๐ต๐ฑ
sledzik1984
2026-06-28 04:36:35
(20 hours ago)
195.164.49.74 - - [28/Jun/2026:06:36:32 +0200] "GET /wordpress/wp-admin/admin-ajax.php HTTP/1.1" 400 ...
show more
195.164.49.74 - - [28/Jun/2026:06:36:32 +0200] "GET /wordpress/wp-admin/admin-ajax.php HTTP/1.1" 400 11 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
2026/06/28 06:36:33 [error] 2450514#2450514: *255125 directory index of "/home/cmapl/transactions/" is forbidden, client: 195.164.49.74, server: cma.pl, request: "GET /transactions/ HTTP/1.1", host: "89.25.168.76"
2026/06/28 06:36:34 [error] 2450514#2450514: *255129 directory index of "/home/cmapl/kardio_faces/" is forbidden, client: 195.164.49.74, server: cma.pl, request: "GET /kardio_faces/ HTTP/1.1", host: "89.25.168.76"
...
show less
Web App Attack
๐ต๐ฑ
sledzik1984
2026-06-28 04:12:44
(21 hours ago)
195.164.49.74 - - [27/Jun/2026:17:53:05 +0200] "\x00\x00\x00\x96\x00\x00\x00\x01(client_hello" 400 1 ...
show more
195.164.49.74 - - [27/Jun/2026:17:53:05 +0200] "\x00\x00\x00\x96\x00\x00\x00\x01(client_hello" 400 157 "-" "-"
195.164.49.74 - - [28/Jun/2026:06:12:43 +0200] "\x16\x03\x01\x05\xC4\x01\x00\x05\xC0\x03\x03\xE0\xFB\x94\xD6\x87[Y\x9Ao\xE6x\xB1/\x82M\x89?$\xA0\x89\xE2\x06\xA3\x8A%\x08\x88\xA2[\xEAt\x98 jT\x22\xE3\xD1\x9An\x03\xA9(\x09>\xDB\xA6mB\x96m\xF4{\xBE\x93c\x15bi:w{\xC5\xD9(\x002\xCC\xA9\xCC\xA8\xC0+\xC0/\xC0,\xC00\xC0\x09\xC0\x13\xC0" 400 157 "-" "-"
195.164.49.74 - - [28/Jun/2026:06:12:43 +0200] ";\x00\x00\x00\x01\x00\x00\x00\x00\x00\x00\x00\xD4\x07\x00\x00\x00\x00\x00\x00admin.$cmd\x00\x00\x00\x00\x00\xFF\xFF\xFF\xFF\x14\x00\x00\x00\x01hello\x00\x00\x00\x00\x00\x00\x00\xF0?\x00" 400 157 "-" "-"
...
show less
Web App Attack
๐ต๐ฑ
tomkolp
2026-06-27 14:38:39
(1 day ago)
CrowdSec - Scenario: crowdsecurity/http-probing. Duration: 4h.
Port Scan
Web App Attack
๐ฉ๐ช
updown.io
2026-06-11 15:43:44
(2 weeks ago)
{"level":"info","ts":1781189564.843556,"logger":"http.log.access.log1","msg":"handled request","requ ...
show more
{"level":"info","ts":1781189564.843556,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"195.164.49.74","remote_port":"45120","client_ip":"195.164.49.74","proto":"HTTP/1.1","method":"GET","host":"status.thefarm51.com","uri":"/","headers":{"Accept-Encoding":["gzip, deflate"],"Accept":["*/*"],"Connection":["keep-alive"],"User-Agent":["Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"]}},"bytes_read":0,"user_id":"","duration":0.000066187,"size":0,"status":308,"resp_headers":{"Location":["https://status.thefarm51.com/"],"Content-Type":[],"Server":["Caddy"],"Connection":["close"]}}
{"level":"info","ts":1781189566.5720806,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"195.164.49.74","remote_port":"45158","client_ip":"195.164.49.74","proto":"HTTP/1.1","method":"GET","host":"status.thefarm51.com","uri":"/","headers":{"Connection":["close"],"Cache-Control":["no-cache"],"User-Agent":["Mozilla/5.0 (compatible; A
...
show less
DDoS Attack
Web App Attack
๐ฉ๐ช
updown.io
2026-05-23 23:32:04
(1 month ago)
{"level":"info","ts":1779576201.3301036,"logger":"http.log.access.log1","msg":"handled request","req ...
show more
{"level":"info","ts":1779576201.3301036,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"195.164.49.74","remote_port":"35800","client_ip":"195.164.49.74","proto":"HTTP/1.1","method":"GET","host":"status.thefarm51.com","uri":"/","headers":{"Accept":["*/*"],"Connection":["keep-alive"],"User-Agent":["Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"],"Accept-Encoding":["gzip, deflate"]}},"bytes_read":0,"user_id":"","duration":0.000053251,"size":0,"status":308,"resp_headers":{"Connection":["close"],"Location":["https://status.thefarm51.com/"],"Content-Type":[],"Server":["Caddy"]}}
{"level":"info","ts":1779576277.3376935,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"195.164.49.74","remote_port":"42308","client_ip":"195.164.49.74","proto":"HTTP/1.1","method":"GET","host":"status.svn.thefarm51.com","uri":"/","headers":{"User-Agent":["Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"]
...
show less
DDoS Attack
Web App Attack
๐ต๐ฑ
sledzik1984
2026-04-03 00:26:20
(2 months ago)
2026/04/03 02:24:35 [error] 1849385#1849385: *49928 directory index of "/home/mta-sts/" is forbidden ...
show more
2026/04/03 02:24:35 [error] 1849385#1849385: *49928 directory index of "/home/mta-sts/" is forbidden, client: 195.164.49.74, server: mta-sts.cma.pl, request: "GET / HTTP/1.1", host: "mta-sts.cma.pl"
195.164.49.74 - - [03/Apr/2026:02:25:22 +0200] "GET /esp/cms_changeDeviceContext.esp?device=aaaaa:a%27\x22;user|s.\x221337\x22; HTTP/1.1" 404 125 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
2026/04/03 02:26:19 [error] 1849385#1849385: *49935 directory index of "/home/mta-sts/" is forbidden, client: 195.164.49.74, server: mta-sts.cma.pl, request: "POST /?qfunc=sync HTTP/1.1", host: "mta-sts.cma.pl"
...
show less
Web App Attack
๐ต๐ฑ
sledzik1984
2026-03-13 21:04:59
(3 months ago)
2026/03/13 22:04:56 [error] 2864139#2864139: *384138 directory index of "/home/mta-sts/" is forbidde ...
show more
2026/03/13 22:04:56 [error] 2864139#2864139: *384138 directory index of "/home/mta-sts/" is forbidden, client: 195.164.49.74, server: mta-sts.cma.pl, request: "GET / HTTP/1.1", host: "mta-sts.cma.pl"
2026/03/13 22:04:58 [error] 2864139#2864139: *384139 directory index of "/home/mta-sts/" is forbidden, client: 195.164.49.74, server: mta-sts.cma.pl, request: "GET / HTTP/1.1", host: "mta-sts.cma.pl"
2026/03/13 22:04:59 [error] 2864139#2864139: *384140 directory index of "/home/mta-sts/" is forbidden, client: 195.164.49.74, server: mta-sts.cma.pl, request: "GET / HTTP/1.1", host: "mta-sts.cma.pl"
...
show less
Web App Attack
๐ต๐ฑ
sledzik1984
2026-03-08 13:08:42
(3 months ago)
195.164.49.74 - - [08/Mar/2026:14:08:32 +0100] "GET /config/config.inc.php HTTP/1.1" 301 169 "-" "Mo ...
show more
195.164.49.74 - - [08/Mar/2026:14:08:32 +0100] "GET /config/config.inc.php HTTP/1.1" 301 169 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
195.164.49.74 - - [08/Mar/2026:14:08:32 +0100] "GET /config/config.inc.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
195.164.49.74 - - [08/Mar/2026:14:08:42 +0100] "GET /test123.php HTTP/1.1" 301 169 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
...
show less
Web App Attack
๐ต๐ฑ
sledzik1984
2026-03-05 11:29:35
(3 months ago)
195.164.49.74 - - [05/Mar/2026:12:29:20 +0100] "GET /sql/index.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 ...
show more
195.164.49.74 - - [05/Mar/2026:12:29:20 +0100] "GET /sql/index.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
195.164.49.74 - - [05/Mar/2026:12:29:35 +0100] "GET /web/scripts/setup.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
195.164.49.74 - - [05/Mar/2026:12:29:35 +0100] "GET /test123.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
...
show less
Web App Attack
๐ต๐ฑ
sledzik1984
2026-03-04 04:18:34
(3 months ago)
195.164.49.74 - - [03/Mar/2026:22:25:55 +0100] "GET /upload/test.php HTTP/1.1" 404 125 "-" "Mozilla/ ...
show more
195.164.49.74 - - [03/Mar/2026:22:25:55 +0100] "GET /upload/test.php HTTP/1.1" 404 125 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
195.164.49.74 - - [03/Mar/2026:22:26:07 +0100] "GET /config.php HTTP/1.1" 404 125 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
2026/03/04 05:18:33 [error] 1348464#1348464: *78905 directory index of "/home/mta-sts/" is forbidden, client: 195.164.49.74, server: mta-sts.cma.pl, request: "GET / HTTP/1.1", host: "mta-sts.cma.pl"
...
show less
Web App Attack
๐ต๐ฑ
sledzik1984
2026-03-03 21:24:10
(3 months ago)
195.164.49.74 - - [03/Mar/2026:22:24:07 +0100] "GET /sql/index.php HTTP/1.1" 403 125 "-" "Mozilla/5. ...
show more
195.164.49.74 - - [03/Mar/2026:22:24:07 +0100] "GET /sql/index.php HTTP/1.1" 403 125 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
195.164.49.74 - - [03/Mar/2026:22:24:08 +0100] "GET /bitrix/admin/phpinfo.php HTTP/1.1" 404 125 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
195.164.49.74 - - [03/Mar/2026:22:24:10 +0100] "GET /maintenance/test.php HTTP/1.1" 404 125 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
...
show less
Web App Attack
๐ต๐ฑ
sledzik1984
2026-03-02 21:03:38
(3 months ago)
195.164.49.74 - - [02/Mar/2026:22:03:36 +0100] "GET /sql/index.php HTTP/1.1" 301 169 "-" "Mozilla/5. ...
show more
195.164.49.74 - - [02/Mar/2026:22:03:36 +0100] "GET /sql/index.php HTTP/1.1" 301 169 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
195.164.49.74 - - [02/Mar/2026:22:03:36 +0100] "GET /sql/index.php HTTP/1.1" 403 125 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
195.164.49.74 - - [02/Mar/2026:22:03:37 +0100] "GET /bitrix/admin/phpinfo.php HTTP/1.1" 301 169 "-" "Mozilla/5.0 (compatible; Artemis; CERT PL; +https://cert.pl/skanowanie)"
...
show less
Web App Attack
๐ต๐ฑ
bmino.pl
2026-02-20 10:20:38
(4 months ago)
Autoban IP(2): 195.164.49.74 - Hostname: skanowanie.cert.pl - City: Warsaw - Region: Mazovia - Count ...
show more
Autoban IP(2): 195.164.49.74 - Hostname: skanowanie.cert.pl - City: Warsaw - Region: Mazovia - Country: PL - Location: 52.2298,21.0118 - Organization: AS8308 NAUKOWA I AKADEMICKA SIEC KOMPUTEROWA - PANSTWOWY INSTYTUT BADAWCZY - failed attempts.
show less
SSH