๐ฉ๐ฐ
Leif Neland
2026-07-02 18:00:03
(11 hours ago)
Detected by CrowdSec on slim
Brute-Force
๐ฌ๐ง
consul.to
2026-07-02 16:25:39
(12 hours ago)
Web attack/malicious scanning detected
Web App Attack
๐ซ๐ฎ
oh.mg
2026-07-02 11:05:03
(18 hours ago)
[Thu Jul 02 13:05:03.003312 2026] [security2:error] [pid 2180828:tid 2180844] [client 45.43.166.25:4 ...
show more
[Thu Jul 02 13:05:03.003312 2026] [security2:error] [pid 2180828:tid 2180844] [client 45.43.166.25:48258] [client 45.43.166.25] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "oh.mg.sus.fr"] [uri "/.git/config"] [unique_id "akZF3zu8FEh6br-kH7q8JwAAAE0"]
[Thu Jul 02 13:05:03.068077 2026] [security2:error] [pid 2180828:tid 2180847] [client 45.43.166.25:59494] [client 45.43.166.25] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag
...
show less
Web App Attack
Bad Web Bot
๐บ๐ธ
antlac1
2026-07-02 09:56:57
(19 hours ago)
crowdsecurity/http-probing
Brute-Force
Web App Attack
๐ซ๐ท
masterguru
2026-07-02 09:36:01
(19 hours ago)
Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-201)
Hacking
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-02 08:19:16
(20 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐จ๐ญ
m_vlasov
2026-07-02 07:45:20
(21 hours ago)
SSH/Telnet honeypot: 0 login attempts, 0 sessions, 0 shell commands.
Hacking
๐บ๐ฆ
URAN Publishing Service
2026-07-02 07:44:18
(21 hours ago)
45.43.166.25 - - [02/Jul/2026:10:44:16 +0300] "GET /.env HTTP/1.1" 404 734 "-" "Mozilla/5.0 (Windows ...
show more
45.43.166.25 - - [02/Jul/2026:10:44:16 +0300] "GET /.env HTTP/1.1" 404 734 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109"
45.43.166.25 - - [02/Jul/2026:10:44:17 +0300] "GET /api/.env HTTP/1.1" 404 4735 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐ฎ๐น
VHosting
2026-07-02 07:00:10
(22 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ฉ๐ช
MBombeck
2026-07-02 06:33:14
(22 hours ago)
Fail2Ban/traefik-botsearch on ops-01.bombeck.io: banned after 5 failures
Web App Attack
Anonymous
2026-07-02 06:32:13
(22 hours ago)
(caddyscan) Scanner path probe from 45.43.166.25 (GB/United Kingdom/-): 5 in the last 3600 secs; Por ...
show more
(caddyscan) Scanner path probe from 45.43.166.25 (GB/United Kingdom/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 45.43.166.25 - - [02/Jul/2026:06:32:08 +0000] "GET /.git/HEAD HTTP/1.1"
[REDACTED] 200 2627 45.43.166.25 - - [02/Jul/2026:06:32:08 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 45.43.166.25 - - [02/Jul/2026:06:32:10 +0000] "GET /.env.local HTTP/1.1"
[REDACTED] 200 2627 45.43.166.25 - - [02/Jul/2026:06:32:11 +0000] "GET /.env.production HTTP/1.1"
[REDACTED] 200 2627 45.43.166.25 - - [02/Jul/2026:06:32:11 +0000] "GET /.env.development HTTP/1.1"
show less
Port Scan
๐ณ๐ฑ
Site.eu
2026-07-02 06:16:21
(22 hours ago)
Excessive multi-domain requests
Brute-Force
๐ฉ๐ช
et-a_network
2026-07-02 06:06:08
(23 hours ago)
45.43.166.25 - - [02/Jul/2026:06:06:06 +0000] "GET /.git/HEAD HTTP/1.1" 302 28 "-" "Mozilla/5.0 (Win ...
show more
45.43.166.25 - - [02/Jul/2026:06:06:06 +0000] "GET /.git/HEAD HTTP/1.1" 302 28 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" host=overleaf.et-a.eu
45.43.166.25 - - [02/Jul/2026:06:06:06 +0000] "GET /.env HTTP/1.1" 302 28 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0" host=overleaf.et-a.eu
45.43.166.25 - - [02/Jul/2026:06:06:07 +0000] "GET /.env.local HTTP/1.1" 302 28 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" host=overleaf.et-a.eu
45.43.166.25 - - [02/Jul/2026:06:06:07 +0000] "GET /.env.production HTTP/1.1" 302 28 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0" host=overleaf.et-a.eu
45.43.166.25 - - [02/Jul/2026:06:06:07 +0000] "GET /.env.development HTTP/1.1" 302 28 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0" host=ove
...
show less
Bad Web Bot
Web App Attack
Anonymous
2026-07-02 05:45:08
(23 hours ago)
apache-auth
Brute-Force
Web App Attack
Anonymous
2026-07-02 05:43:02
(23 hours ago)
CrowdSec ban: crowdsecurity/http-sensitive-files
Port Scan