๐บ๐ธ
aks4226
2026-07-03 19:26:15
(58 minutes ago)
Attacking common web applications. (n01)
Web App Attack
๐ฉ๐ช
psauxit
2026-07-03 19:20:03
(1 hour ago)
Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrp ...
show more
Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrpc_attack, wp-login brute force, excessive crawling/scraping
show less
Web App Attack
Hacking
๐ช๐ธ
alferez
2026-07-03 19:11:22
(1 hour ago)
Searching .(env|sql|zip|tar|rar) files
Hacking
Exploited Host
Web App Attack
๐ฌ๐ง
thetomtaylor.co.uk
2026-07-03 18:57:02
(1 hour ago)
Fail2Ban - [WAF]ModSecurity rule violation on modsecurity ... [mx01,mx02,mx03]
Hacking
SQL Injection
Web App Attack
๐บ๐ธ
Matthew Ping
2026-07-03 18:45:01
(1 hour ago)
ModSecurity rule 949110 triggered on dedicated. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
Anonymous
2026-07-03 18:32:44
(1 hour ago)
(caddyscan) Scanner path probe from 46.23.108.234 (NL/The Netherlands/-): 5 in the last 3600 secs; P ...
show more
(caddyscan) Scanner path probe from 46.23.108.234 (NL/The Netherlands/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 46.23.108.234 - - [03/Jul/2026:18:32:43 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 46.23.108.234 - - [03/Jul/2026:18:32:43 +0000] "GET /.git/HEAD HTTP/1.1"
[REDACTED] 200 2627 46.23.108.234 - - [03/Jul/2026:18:32:43 +0000] "GET /.env.development HTTP/1.1"
[REDACTED] 200 2627 46.23.108.234 - - [03/Jul/2026:18:32:43 +0000] "GET /backend/.env HTTP/1.1"
[REDACTED] 200 2627 46.23.108.234 - - [03/Jul/2026:18:32:43 +0000] "GET /api/.env HTTP/1.1"
show less
Port Scan
Anonymous
2026-07-03 14:33:06
(5 hours ago)
HEAD / HTTP/1.1
GET /.git/config HTTP/1.1
GET /.git/HEAD HTTP/1.1
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 08:57:23
(11 hours ago)
(mod_security) mod_security (id:210492) triggered by 46.23.108.234 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 46.23.108.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 04:57:19.555784 2026] [security2:error] [pid 12713:tid 12736] [client 46.23.108.234:41558] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "luxury.management"] [uri "/.git/HEAD"] [unique_id "akd5b87A_ewwRUX33PskngAAAIQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 08:14:25
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 46.23.108.234 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 46.23.108.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 04:14:20.227494 2026] [security2:error] [pid 23129:tid 23129] [client 46.23.108.234:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "luisgtechgroup.com"] [uri "/.git/config"] [unique_id "akdvXDAWQRIlr8NBC_MdLQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Nevermind
2026-07-03 07:18:43
(13 hours ago)
46.23.108.234 - - [03/Jul/2026:09:18:41 +0200] "GET /.git/HEAD HTTP/1.1" 403 6278 "-" "Mozilla/5.0 ( ...
show more
46.23.108.234 - - [03/Jul/2026:09:18:41 +0200] "GET /.git/HEAD HTTP/1.1" 403 6278 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0"
46.23.108.234 - - [03/Jul/2026:09:18:41 +0200] "GET /.env HTTP/1.1" 403 6278 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
46.23.108.234 - - [03/Jul/2026:09:18:42 +0200] "GET /.env.local HTTP/1.1" 403 6278 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Safari/605.1.15"
46.23.108.234 - - [03/Jul/2026:09:18:42 +0200] "GET /.env.production HTTP/1.1" 403 6278 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_5) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.0 Safari/605.1.15"
...
show less
Web App Attack
๐ซ๐ท
masterguru
2026-07-03 07:17:35
(13 hours ago)
Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-193)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 07:03:02
(13 hours ago)
(mod_security) mod_security (id:210492) triggered by 46.23.108.234 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 46.23.108.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 03:02:56.469517 2026] [security2:error] [pid 24620:tid 24620] [client 46.23.108.234:57220] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "luckydawgs.com"] [uri "/.git/HEAD"] [unique_id "akdeoKMnqFXTDLOwv5FfJwAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-03 05:30:22
(14 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1248
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 04:52:09
(15 hours ago)
(mod_security) mod_security (id:210492) triggered by 46.23.108.234 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 46.23.108.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 00:52:04.302025 2026] [security2:error] [pid 16711:tid 16711] [client 46.23.108.234:33432] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "liveinbirminghamalabama.com"] [uri "/.git/HEAD"] [unique_id "akc_9F8pG5YFMj2_0NhnIQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-03 04:35:02
(15 hours ago)
suspicious request in access.log
Web App Attack