πΊπΈ
billyw0nka
2025-11-06 06:37:44
(7 months ago)
pattern: .git
Hacking
π³π±
Savvii
2025-11-04 05:31:26
(8 months ago)
20 attempts against mh-misbehave-ban on grape
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
ipblock.com
2025-11-04 03:56:00
(8 months ago)
IPBlock protected site ID [4055-d][s=01].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
πΊπ¦
URAN Publishing Service
2025-10-30 11:25:59
(8 months ago)
196.251.70.120 - - [30/Oct/2025:13:25:14 +0200] "GET /wp-content/mysql.sql HTTP/1.1" 404 2778 "-" "M ...
show more
196.251.70.120 - - [30/Oct/2025:13:25:14 +0200] "GET /wp-content/mysql.sql HTTP/1.1" 404 2778 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17 Safari/605.1.15"
196.251.70.120 - - [30/Oct/2025:13:25:58 +0200] "GET /wp-config.php-backup HTTP/1.1" 404 2862 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0"
...
show less
Web App Attack
π«π·
dynamix
2025-10-10 10:56:41
(8 months ago)
Multiple WAF Violations
Web App Attack
π©πͺ
uhlhosting
2025-09-23 09:29:28
(9 months ago)
cp.uhlhosting.ch 196.251.70.120 - - [23/Sep/2025:11:23:34.497261 +0200] "GET / HTTP/1.1" 403 199 "-" ...
show more
cp.uhlhosting.ch 196.251.70.120 - - [23/Sep/2025:11:23:34.497261 +0200] "GET / HTTP/1.1" 403 199 "-" "-" aNJnFs1MasehGZ-dlB-_aAAAAUk "-" /apache/20250923/20250923-1123/20250923-112334-aNJnFs1MasehGZ-dlB-_aAAAAUk 0 1246 md5:31879ef51da551f419b757143184c9cb
cp.uhlhosting.ch 196.251.70.120 - - [23/Sep/2025:11:29:26.187678 +0200] "GET /.git-credentials HTTP/1.1" 403 199 "-" "-" aNJods1MasehGZ-dlB_AWwAAAUk "-" /apache/20250923/20250923-1129/20250923-112926-aNJods1MasehGZ-dlB_AWwAAAUk 0 1077 md5:7308ceed7c255a12a4083ce8bc6de85b
cp.uhlhosting.ch 196.251.70.120 - - [23/Sep/2025:11:29:27.104302 +0200] "GET /.aws/credentials HTTP/1.1" 403 199 "-" "-" aNJod1utPhcnmnzfPbElhgAAAA8 "-" /apache/20250923/20250923-1129/20250923-112927-aNJod1utPhcnmnzfPbElhgAAAA8 0 1079 md5:99756a4379c598db85e93f518f2b5a84
cp.uhlhosting.ch 196.251.70.120 - - [23/Sep/2025:11:29:28.118993 +0200] "GET / HTTP/1.1" 403 199 "-" "-" aNJoeG8Z4WuoeDVkgTtREQAAAQc "-" /apache/20250923/20250923-1129/20250923-112928-aNJoeG8Z4Wuoe
...
show less
DDoS Attack
Brute-Force
π³π±
Savvii
2025-09-23 09:28:05
(9 months ago)
20 attempts against mh-misbehave-ban on apt
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
XICTRON
2025-09-19 04:00:18
(9 months ago)
ModSecurity rule violation detected by Fail2Ban
Web App Attack
πΈπ¬
SBSecBot
2025-09-06 15:04:57
(9 months ago)
Malicious web scanning detected with our WAF
Bad Web Bot
Web App Attack
π©πͺ
updown.io
2025-09-01 12:04:05
(10 months ago)
{"level":"info","ts":1756727764.574863,"logger":"http.log.access.log1","msg":"handled request","requ ...
show more
{"level":"info","ts":1756727764.574863,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"196.251.70.120","remote_port":"55916","client_ip":"196.251.70.120","proto":"HTTP/1.1","method":"GET","host":"as2status.pittohio.com","uri":"/site.sql","headers":{"User-Agent":["Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:78.0) Gecko/20100101 Firefox/78.0"],"Accept":["*/*"],"Accept-Language":["en"],"Range":["bytes=0-3000"],"Connection":["close"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"as2status.pittohio.com"}},"bytes_read":0,"user_id":"","duration":0.00006528,"size":0,"status":429,"resp_headers":{"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Retry-After":["1"]}}
{"level":"info","ts":1756727764.5752726,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"196.251.70.120","remote_port":"55950","client_ip":"196.251.70.120","proto":"HTTP/1.1","method":"GET","host":"as2status.pittohio.com","uri
...
show less
DDoS Attack
Web App Attack
πΊπ¦
URAN Publishing Service
2025-08-30 10:05:28
(10 months ago)
196.251.70.120 - - [30/Aug/2025:13:05:27 +0300] "GET /wp-content/uploads/dump.sql HTTP/1.1" 404 2841 ...
show more
196.251.70.120 - - [30/Aug/2025:13:05:27 +0300] "GET /wp-content/uploads/dump.sql HTTP/1.1" 404 2841 "-" "Mozilla/5.0 (Fedora; Linux i686; rv:124.0) Gecko/20100101 Firefox/124.0"
196.251.70.120 - - [30/Aug/2025:13:05:27 +0300] "GET /wp-content/mysql.sql HTTP/1.1" 404 2840 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15"
...
show less
Web App Attack
π³π±
Savvii
2025-08-19 17:08:35
(10 months ago)
22 attempts against mh-misbehave-ban on acorn
Brute-Force
Bad Web Bot
Web App Attack
πͺπΈ
el-brujo
2025-08-18 17:50:18
(10 months ago)
18/Aug/2025:19:50:17.763859 +0200Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client ...
show more
18/Aug/2025:19:50:17.763859 +0200Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 196.251.70.120] ModSecurity: Warning. Matched phrase ".aws/credentials" at REQUEST_FILENAME. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: .aws/credentials found within REQUEST_FILENAME: /.aws/credentials"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "hwagm.elhacker.net"] [uri "/.aws/credentials"] [unique_id "aKNn2Z_H4Y0j0hbS4KyQkwAEmSw"]
...
show less
Hacking
Web App Attack
π³π±
Savvii
2025-08-17 20:38:36
(10 months ago)
20 attempts against mh-misbehave-ban on flare
Brute-Force
Bad Web Bot
Web App Attack
π¦π©
bakunin1848
2025-08-16 14:37:04
(10 months ago)
Firewall IPS Detection on 16-08-2025 at 16:37:04
Port Scan
Exploited Host