๐ฎ๐น
mediarama.com
2026-07-03 11:59:00
(41 minutes ago)
Banned by Fail2Ban
Web App Attack
Anonymous
2026-07-03 11:39:30
(1 hour ago)
(caddyscan) Scanner path probe from 201.78.128.96 (SG/Singapore/-): 5 in the last 3600 secs; Ports: ...
show more
(caddyscan) Scanner path probe from 201.78.128.96 (SG/Singapore/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 201.78.128.96 - - [03/Jul/2026:11:39:23 +0000] "GET /.git/HEAD HTTP/1.1"
[REDACTED] 200 2627 201.78.128.96 - - [03/Jul/2026:11:39:23 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 201.78.128.96 - - [03/Jul/2026:11:39:25 +0000] "GET /.env.local HTTP/1.1"
[REDACTED] 200 2627 201.78.128.96 - - [03/Jul/2026:11:39:27 +0000] "GET /.env.production HTTP/1.1"
[REDACTED] 200 2627 201.78.128.96 - - [03/Jul/2026:11:39:27 +0000] "GET /.env.development HTTP/1.1"
show less
Port Scan
๐ฉ๐ช
BlueWire Hosting
2026-07-03 11:18:34
(1 hour ago)
Probing websites for vulnerabilities
Web App Attack
SQL Injection
๐ณ๐ฑ
e.fierstra
2026-07-03 10:42:42
(1 hour ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐ฌ๐ง
Apache
2026-07-03 10:11:20
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 201.78.128.96 (GB/United Kingdom/-): 5 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 201.78.128.96 (GB/United Kingdom/-): 5 in the last 300 secs (CF_ENABLE)
show less
Brute-Force
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-03 08:38:52
(4 hours ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ฎ๐น
VHosting
2026-07-03 05:50:08
(6 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ฉ๐ฐ
HostingGroup
2026-07-02 14:31:53
(22 hours ago)
Automated malicious activity (Honeypot Trap) detected and blocked at the CDN edge by NordicCDN Shiel ...
show more
Automated malicious activity (Honeypot Trap) detected and blocked at the CDN edge by NordicCDN Shield. Offenses: 1. First blocked: 2026-07-02.
show less
Bad Web Bot
Web App Attack
Anonymous
2026-07-02 13:22:10
(23 hours ago)
201.78.128.96 - - [02/Jul/2026:15:22:00 +0200] "GET /.env HTTP/1.1" 403 183 "-" "Mozilla/5.0 (Window ...
show more
201.78.128.96 - - [02/Jul/2026:15:22:00 +0200] "GET /.env HTTP/1.1" 403 183 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
201.78.128.96 - - [02/Jul/2026:15:22:01 +0200] "GET /.env.development HTTP/1.1" 403 124 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0"
201.78.128.96 - - [02/Jul/2026:15:22:01 +0200] "GET /backend/.env HTTP/1.1" 403 183 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
201.78.128.96 - - [02/Jul/2026:15:22:01 +0200] "GET /js/config.js HTTP/1.1" 404 184 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109"
201.78.128.96 - - [02/Jul/2026:15:22:01 +0200] "GET /.env.local HTTP/1.1" 403 183 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0
...
show less
Bad Web Bot
Web App Attack
Anonymous
2026-07-02 11:28:32
(1 day ago)
(caddyscan) Scanner path probe from 201.78.128.96 (SG/Singapore/-): 5 in the last 3600 secs; Ports: ...
show more
(caddyscan) Scanner path probe from 201.78.128.96 (SG/Singapore/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 201.78.128.96 - - [02/Jul/2026:11:28:26 +0000] "GET /.git/HEAD HTTP/1.1"
[REDACTED] 200 2627 201.78.128.96 - - [02/Jul/2026:11:28:29 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 201.78.128.96 - - [02/Jul/2026:11:28:30 +0000] "GET /backend/.env HTTP/1.1"
[REDACTED] 200 2627 201.78.128.96 - - [02/Jul/2026:11:28:30 +0000] "GET /.env.development HTTP/1.1"
[REDACTED] 200 2627 201.78.128.96 - - [02/Jul/2026:11:28:30 +0000] "GET /.env.local HTTP/1.1"
show less
Port Scan
๐ซ๐ท
masterguru
2026-07-02 11:16:29
(1 day ago)
Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-201)
Hacking
Web App Attack
Anonymous
2026-07-02 09:12:58
(1 day ago)
(caddyscan) Scanner path probe from 201.78.128.96 (SG/Singapore/-): 5 in the last 3600 secs; Ports: ...
show more
(caddyscan) Scanner path probe from 201.78.128.96 (SG/Singapore/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 201.78.128.96 - - [02/Jul/2026:09:12:51 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 201.78.128.96 - - [02/Jul/2026:09:12:51 +0000] "GET /.git/HEAD HTTP/1.1"
[REDACTED] 200 2627 201.78.128.96 - - [02/Jul/2026:09:12:52 +0000] "GET /.env.local HTTP/1.1"
[REDACTED] 200 2627 201.78.128.96 - - [02/Jul/2026:09:12:53 +0000] "GET /.env.development HTTP/1.1"
[REDACTED] 200 2627 201.78.128.96 - - [02/Jul/2026:09:12:53 +0000] "GET /.env.production HTTP/1.1"
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-02 09:03:37
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 201.78.128.96 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 201.78.128.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 05:03:29.579662 2026] [security2:error] [pid 13166:tid 13166] [client 201.78.128.96:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barryherbach.com"] [uri "/.git/HEAD"] [unique_id "akYpYdpIxu2viisVR05IvQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
dwmp
2026-07-02 08:25:11
(1 day ago)
Url probing: /.git/HEAD
Web App Attack
๐จ๐ญ
4server
2026-07-02 08:12:27
(1 day ago)
[ThuJul0210:12:21.4600272026][security2:error][pid4191384:tid4191499][client201.78.128.96:0]ModSecur ...
show more
[ThuJul0210:12:21.4600272026][security2:error][pid4191384:tid4191499][client201.78.128.96:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"behindthemoon.ch\"][uri\"/.git/HEAD\"][unique_id\"akYdZbqn07dvNU0mCRXNnwAAAQU\"]
show less
Hacking
Web App Attack