๐ฌ๐ง
Axel
2026-07-19 05:55:59
(1 minute ago)
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: ...
show more
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: UK-01
show less
Web App Attack
Hacking
SQL Injection
๐ฉ๐ช
paissangroup
2026-07-19 03:07:31
(2 hours ago)
Multiple WAF Violations
Web App Attack
๐ฉ๐ช
MBombeck
2026-07-19 01:38:12
(4 hours ago)
Fail2Ban/traefik-botsearch on apps-01: banned after 5 failures
Web App Attack
๐บ๐ธ
Lezetho
2026-07-18 11:00:20
(18 hours ago)
DDoS, WebSpam, Web Attack, and Brute-force blocked by Cloudflare
DDoS Attack
Email Spam
Hacking
Brute-Force
๐ณ๐ฑ
Site.eu
2026-07-18 03:40:44
(1 day ago)
Excessive multi-domain requests
Brute-Force
๐ซ๐ท
Lacrimosa99
2026-07-18 01:25:59
(1 day ago)
45.148.10.60 - - [18/Jul/2026:03:24:55 +0200] "GET /config/database.php?_=trqo5r3t&v=pvp9u HTTP/1.1" ...
show more
45.148.10.60 - - [18/Jul/2026:03:24:55 +0200] "GET /config/database.php?_=trqo5r3t&v=pvp9u HTTP/1.1" 404 6253 "https://duckduckgo.com/?q=9xbce" "Mozilla/5.0 (Linux; U; Android 14; en-US; Redmi Note 13 Pro Build/UP1A.231005.007) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 UCBrowser/13.4.0.1306 Mobile Safari/537.36"
45.148.10.60 - - [18/Jul/2026:03:25:57 +0200] "GET /dump.sql?_=v1t751pz&v=2v33h HTTP/1.1" 404 6253 "https://www.google.com/search?q=rb1h74" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36"
45.148.10.60 - - [18/Jul/2026:03:25:58 +0200] "GET /backup.sql?_=npt2u6xe&v=9l3od HTTP/1.1" 404 6253 "https://twitter.com/" "Mozilla/5.0 (Linux; Android 14; SM-S928B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.165 Mobile Safari/537.36"
...
show less
Web Spam
Anonymous
2026-07-18 01:19:16
(1 day ago)
(caddyscan) Scanner path probe from 45.148.10.60 (AD/Andorra/-): 5 in the last 3600 secs; Ports: *; ...
show more
(caddyscan) Scanner path probe from 45.148.10.60 (AD/Andorra/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 45.148.10.60 - - [18/Jul/2026:01:19:02 +0000] "GET /.env?_=06nfgcja&v=nzk81 HTTP/1.1"
[REDACTED] 200 2627 45.148.10.60 - - [18/Jul/2026:01:19:05 +0000] "GET /.env.local?_=v1slgwdo&v=05jju HTTP/1.1"
[REDACTED] 200 2627 45.148.10.60 - - [18/Jul/2026:01:19:05 +0000] "GET /.env.production?_=n1y562cl&v=19b0v HTTP/1.1"
[REDACTED] 200 2627 45.148.10.60 - - [18/Jul/2026:01:19:05 +0000] "GET /.env.development?_=b5l6yw9v&v=y8dxq HTTP/1.1"
[REDACTED] 200 2627 45.148.10.60 - - [18/Jul/2026:01:19:06 +0000] "GET /.env.staging?_=7jzuhm87&v=qpzvi HTTP/1.1"
show less
Port Scan
๐ฌ๐ง
consul.to
2026-07-18 01:14:53
(1 day ago)
Web attack/malicious scanning detected
Web App Attack
๐ณ๐ฑ
middelkoopcc
2026-07-18 01:05:05
(1 day ago)
2026-07-18 02:57:17 [client 45.148.10.60:57302] AH10244: invalid URI path (/%2e%2e/.aws/credentials? ...
show more
2026-07-18 02:57:17 [client 45.148.10.60:57302] AH10244: invalid URI path (/%2e%2e/.aws/credentials?_=utpkqal1&v=f209p), referer: <redacted> && 2026-07-18 03:01:55 [client 45.148.10.60:55940] AH10244: invalid URI path (/../etc/passwd?_=5n1og7tp&v=1dkbk), referer: <redacted> && 2026-07-18 03:01:57 [client 45.148.10.60:57748] AH10244: invalid URI path (/../etc/shadow?_=826k7rz7&v=00mza), referer: <redacted> && 61 more within 20 minutes
show less
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-18 00:55:52
(1 day ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
Matthew Ping
2026-07-18 00:00:14
(1 day ago)
ModSecurity rule 949110 triggered on cumberland. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
๐ฉ๐ช
burlacu.org
2026-07-17 23:51:02
(1 day ago)
Nginx multi-log analysis detected: wordpress_scan. Evidence: WordPress config access with 4 attempts ...
show more
Nginx multi-log analysis detected: wordpress_scan. Evidence: WordPress config access with 4 attempts. Blocked automatically.
show less
Web App Attack
Bad Web Bot
๐ฌ๐ง
djboddington
2026-07-17 23:46:29
(1 day ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-probing
Web App Attack
Hacking
๐บ๐ธ
ruusvuu
2026-07-15 18:16:51
(3 days ago)
Automated abuse report: 77 attack/probe requests from TECHOFF SRV LIMITED / NL.
Targeted paths: /.en ...
show more
Automated abuse report: 77 attack/probe requests from TECHOFF SRV LIMITED / NL.
Targeted paths: /.env%20, /.env%09, /wp-config.php.old, /wp-config.php.save, /wp-config.php.txt.
Sample log lines:
[mirassertions] 2026-07-13 13:47:01: 7/13/2026 13:47:01 45.148.10.60 GET /..%c0%af../etc/passwd?_=f82zbqea&v=sf9yn 404 - 1.322 ms https://news.ycombinator.com/
[mirassertions] 2026-07-13 13:47:02: 7/13/2026 13:47:02 45.148.10.60 GET /..%ef%bc%8f../etc/passwd?_=mqgtdh7e&v=vabv1 404 - 1.655 ms https://www.bing.com/search?q=oa2lk7
[mirassertions] 2026-07-15 11:16:51: 7/15/2026 11:16:51 45.148.10.60 GET /.env%20?_=q2pqwpcu&v=wtzjk 404 - 1.173 ms https://news.ycombinator.com/
Detected by an automated web-server log monitor.
show less
Web App Attack
๐บ๐ธ
Keith Beucler
2026-07-15 18:09:02
(3 days ago)
K5 Services fail2ban jail nginx-k5-web-probes detected high-confidence web abuse. Local web ban appl ...
show more
K5 Services fail2ban jail nginx-k5-web-probes detected high-confidence web abuse. Local web ban applied. Categories: 19,21.
show less
Bad Web Bot
Web App Attack