๐ซ๐ท
alpha
2026-07-08 02:42:25
(37 minutes ago)
Automated honeypot: scanner probed decoy URL on cdn.aldorand.fr (honeypot decoy)
Bad Web Bot
Web App Attack
๐ซ๐ท
alpha
2026-07-07 02:42:05
(1 day ago)
Automated honeypot: scanner probed decoy URL on cdn.aldorand.fr (honeypot decoy)
Bad Web Bot
Web App Attack
๐ซ๐ท
Catalin Negru
2026-07-06 19:04:44
(1 day ago)
Recidive ban by fail2ban on server.blackbit.ro
Brute-Force
๐ซ๐ท
alpha
2026-07-06 02:39:23
(2 days ago)
Automated honeypot: scanner probed decoy URL on cdn.aldorand.fr (honeypot decoy)
Bad Web Bot
Web App Attack
๐บ๐ธ
xxkodedxx
2026-07-04 16:21:06
(3 days ago)
[Zorvexus edge-defense] GET .env / WordPress honeypot probe
Trigger: 1ร honeypot-get, 7ร edge-block ...
show more
[Zorvexus edge-defense] GET .env / WordPress honeypot probe
Trigger: 1ร honeypot-get, 7ร edge-block in 10m window.
Origin: US / AS22295 Advin Services LLC
Active: 16:20:30โ16:20:40 UTC
Volume: 13 HTTP req, 8 honeypot probe(s)
Bait taken: /.env, /.env.development, /env, /.env.local, /api/.env
Status mix: 444ร7 200ร5 301ร1
UA: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
Auto-banned 30d. zorvexus-banner.
show less
Bad Web Bot
Web App Attack
๐ซ๐ท
alpha
2026-07-04 15:51:35
(3 days ago)
Automated honeypot: scanner probed decoy URL on cdn.aldorand.fr (/.env)
Bad Web Bot
Web App Attack
๐ฉ๐ช
AetherFox
2026-07-04 15:51:23
(3 days ago)
AetherFox VoidGuard detected: [Sat Jul 04 15:51:19.623695 2026] [security2:error] [pid 3529442:tid 3 ...
show more
AetherFox VoidGuard detected: [Sat Jul 04 15:51:19.623695 2026] [security2:error] [pid 3529442:tid 3529447] [client 23.137.105.9:56428] [client 23.137.105.9] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "aetherfox.draconigen.net"] [uri "/.git/HEAD"] [unique_id "akkr98EvdY0uJtVEBN4T-gAAAAI"]
[Sat Jul 04 15:51:22.746426 2026] [security2:error] [pid 3529442:tid 3529454] [client 23.137.105.9:56460] [client 23.137.105.9] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"
...
show less
Hacking
Bad Web Bot
๐บ๐ธ
ne1for23
2026-07-04 09:26:43
(3 days ago)
Attempting to probe for sensitive information accidently exposed via git config.
23.137.105.9 - - [ ...
show more
Attempting to probe for sensitive information accidently exposed via git config.
23.137.105.9 - - [04/Jul/2026:09:26:42 +0000] "GET /.git/config HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
show less
Hacking
๐บ๐ธ
Victor Lรณpez
2026-07-04 06:34:28
(3 days ago)
lavadodepisosbogota.com 23.137.105.9 - - [04/Jul/2026:01:34:26 -0500] "GET /.git/HEAD HTTP/1.1" 403 ...
show more
lavadodepisosbogota.com 23.137.105.9 - - [04/Jul/2026:01:34:26 -0500] "GET /.git/HEAD HTTP/1.1" 403 199 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Safari/605.1.15"
lavadodepisosbogota.com 23.137.105.9 - - [04/Jul/2026:01:34:26 -0500] "GET /.env HTTP/1.1" 404 10319 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Safari/605.1.15"
lavadodepisosbogota.com 23.137.105.9 - - [04/Jul/2026:01:34:27 -0500] "GET /.env.local HTTP/1.1" 404 10319 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0"
...
show less
Hacking
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-04 05:04:35
(3 days ago)
Try to access /.git/HEAD
Web App Attack
๐ฌ๐ง
consul.to
2026-07-03 22:05:33
(4 days ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
alecj.com
2026-07-03 19:29:14
(4 days ago)
This IP was detected by CrowdSec triggering crowdsecurity/appsec-vpatch
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-03 17:01:28
(4 days ago)
Excessive multi-domain requests
Brute-Force
๐บ๐ฆ
URAN Publishing Service
2026-07-03 16:23:02
(4 days ago)
23.137.105.9 - - [03/Jul/2026:19:23:01 +0300] "GET /.env HTTP/1.1" 404 730 "-" "Mozilla/5.0 (Macinto ...
show more
23.137.105.9 - - [03/Jul/2026:19:23:01 +0300] "GET /.env HTTP/1.1" 404 730 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
23.137.105.9 - - [03/Jul/2026:19:23:01 +0300] "GET /backend/.env HTTP/1.1" 404 4670 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0"
...
show less
Web App Attack
๐บ๐ธ
Matthew Ping
2026-07-03 16:15:01
(4 days ago)
ModSecurity rule 949110 triggered on wp3. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking