๐บ๐ธ
TheJimmo
2026-07-16 13:47:00
(19 hours ago)
64.112.56.39 64.112.56.39 - - [16/Jul/2026:13:45:34 +0000] "GET /monitoring/..%252f..%252f..%252f..% ...
show more
64.112.56.39 64.112.56.39 - - [16/Jul/2026:13:45:34 +0000] "GET /monitoring/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/passwd HTTP/1.1" 404 13420 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
64.112.56.39 64.112.56.39 - - [16/Jul/2026:13:45:42 +0000] "GET /cgi-bin/kerbynet%3FAction=StartSessionSubmit&User=%27%26cat%20/etc/passwd%26%27&PW= HTTP/1.1" 404 236 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
64.112.56.39 64.112.56.39 - - [16/Jul/2026:13:45:34 +0000] "GET /index.php?option=com_blogfactory&controller=../../../../../../../../../../etc/passwd%00 HTTP/1.1" 404 13581 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
64.112.56.39 64.112.56.39 - - [16/Jul/2026:13:45:38 +0000] "GET /wp-c
...
show less
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-07-15 03:27:00
(2 days ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐ฉ๐ช
FeG Deutschland
2026-07-15 02:23:39
(2 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24
Exploited Host
Web App Attack
๐ฉ๐ช
conseilgouz
2026-07-14 07:04:53
(3 days ago)
vee-12 : Block return, carriage return, ... characters=>/component/weblinks/weblink/14-bruno-hemet?c ...
show more
vee-12 : Block return, carriage return, ... characters=>/component/weblinks/weblink/14-bruno-hemet?catid=12'&Itemid=1029&task=weblink.go(')
show less
Hacking
๐ฉ๐ช
conseilgouz
2026-07-13 13:27:43
(3 days ago)
doe-12 : Block return, carriage return, ... characters=>/media/com_cgparallax/js/vegas.min.js?4c94a5 ...
show more
doe-12 : Block return, carriage return, ... characters=>/media/com_cgparallax/js/vegas.min.js?4c94a5='(')
show less
Hacking
Anonymous
2026-07-13 12:05:08
(3 days ago)
IP banned by Fail2Ban in jail nginx-abusive-ips
Web App Attack
Brute-Force
Bad Web Bot
๐ซ๐ท
conseilgouz
2026-07-13 10:50:28
(3 days ago)
ame-12 : Block return, carriage return, ... characters=>/?view=article'&id=11:liens-par ...
show more
ame-12 : Block return, carriage return, ... characters=>/?view=article'&id=11:liens-partenaires&catid=2:uncategorised(')
show less
Hacking
๐ฉ๐ช
Vegascosmetics
2026-07-13 07:51:21
(4 days ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after suspicious activity. Vegas Security
DDoS Attack
Hacking
Exploited Host
๐ฉ๐ช
stinpriza
2026-07-11 20:06:42
(5 days ago)
Web App Attack
Web App Attack
๐บ๐ธ
Rayulcifer
2026-07-11 19:27:06
(5 days ago)
64.112.56.39 - - [11/Jul/2026:14:27:04 -0500] "GET /.env HTTP/2.0" 403 488 "-" "Mozilla/5.0 (Macinto ...
show more
64.112.56.39 - - [11/Jul/2026:14:27:04 -0500] "GET /.env HTTP/2.0" 403 488 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
...
show less
Open Proxy
Port Scan
Hacking
Web App Attack
SSH
๐ฉ๐ช
conseilgouz
2026-07-11 18:47:28
(5 days ago)
coe-7 : Trying access unauthorized files/dir=>/wp-content/plugins/pwnd/pwnd.php
Hacking
๐บ๐ธ
ipblock.com
2026-07-11 18:18:00
(5 days ago)
IPBlock protected site ID [4055-d][s=01].
Persistent 404, vulnerability scanner
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-11 17:27:00
(5 days ago)
IPBlock protected site ID [4055-d][s=07].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 11:58:55
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.39 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 07:58:38.920905 2026] [security2:error] [pid 11804:tid 11804] [client 64.112.56.39:47901] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fiyaplatform.com"] [uri "/.env.backup"] [unique_id "alIv7nfaFWk5tOtgoJSsPAAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-11 10:35:20
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.39 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 06:35:05.787430 2026] [security2:error] [pid 11317:tid 11333] [client 64.112.56.39:37703] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "volcano-sa.com"] [uri "/.env.dev.local"] [unique_id "alIcWRJI1kI5yR0x8nZd8AAAAQ4"]
show less
Brute-Force
Bad Web Bot
Web App Attack