๐ฉ๐ช
neckaralb-admin.de
2026-07-08 09:14:46
(18 minutes ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ซ๐ท
LRob
2026-07-08 03:44:04
(5 hours ago)
CrowdSec: crowdsecurity/http-sensitive-files | req: ["/.git/HEAD","/.env","/.git/config","/.aws/cred ...
show more
CrowdSec: crowdsecurity/http-sensitive-files | req: ["/.git/HEAD","/.env","/.git/config","/.aws/credentials","/.env.development"] | UA: ["Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:149.0) Gecko/20100101 Firefox/149.0","Mozilla/5.0 (Macintosh; Intel Mac OS X 15_7_5) AppleWebKit/605.1.
show less
Hacking
๐ฉ๐ช
XICTRON
2026-07-08 01:00:05
(8 hours ago)
ModSecurity rule violation detected by Fail2Ban
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-07-07 23:18:13
(10 hours ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
kosada.com
2026-07-07 22:18:09
(11 hours ago)
Web vulnerability probing: /backend/.env
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-07 21:51:20
(11 hours ago)
[Wed Jul 08 07:51:19.521780 2026] [security2:error] [pid 306200] [client 85.121.208.112:43190] [clie ...
show more
[Wed Jul 08 07:51:19.521780 2026] [security2:error] [pid 306200] [client 85.121.208.112:43190] [client 85.121.208.112] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "indigi-print-merch.com.au"] [uri "/.git/HEAD"] [unique_id "ak1011kG_DjMWqS7HlmpMAAAAAY"]
...
show less
Web App Attack
Anonymous
2026-07-07 20:10:41
(13 hours ago)
85.121.208.112 - - [07/Jul/2026:22:10:36 +0200] "GET /.git/HEAD HTTP/1.1" 404 433 "-" "Mozilla/5.0 ( ...
show more
85.121.208.112 - - [07/Jul/2026:22:10:36 +0200] "GET /.git/HEAD HTTP/1.1" 404 433 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0"
85.121.208.112 - - [07/Jul/2026:22:10:36 +0200] "GET /.git/HEAD HTTP/1.1" 404 240 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 15.7; rv:149.0) Gecko/20100101 Firefox/149.0"
85.121.208.112 - - [07/Jul/2026:22:10:38 +0200] "GET /.env HTTP/1.1" 404 433 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109"
85.121.208.112 - - [07/Jul/2026:22:10:38 +0200] "GET /.env HTTP/1.1" 404 240 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36 Edg/146.0.3856.109"
85.121.208.112 - - [07/Jul/2026:22:10:40 +0200] "GET /env HTTP/1.1" 404 433 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
85.121.208.112 - - [07/Jul/2
...
show less
Bad Web Bot
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-07 19:50:24
(13 hours ago)
[Wed Jul 08 05:50:22.690985 2026] [security2:error] [pid 292553] [client 85.121.208.112:44700] [clie ...
show more
[Wed Jul 08 05:50:22.690985 2026] [security2:error] [pid 292553] [client 85.121.208.112:44700] [client 85.121.208.112] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "iaki.com.au"] [uri "/.git/HEAD"] [unique_id "ak1YfvBNYKaBRNWoUEBG4wAAAAM"]
...
show less
Web App Attack
๐ณ๐ฑ
BlueWire Hosting
2026-07-07 19:12:50
(14 hours ago)
Probing websites for vulnerabilities
Web App Attack
๐ฌ๐ง
consul.to
2026-07-07 18:19:31
(15 hours ago)
Web attack/malicious scanning detected
Web App Attack
Anonymous
2026-07-07 18:15:15
(15 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
Anonymous
2026-07-07 16:31:56
(17 hours ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
๐ต๐ญ
thezelijah
2026-07-07 13:00:00
(20 hours ago)
Probing and recon
Port Scan
Brute-Force
Web App Attack
Hacking
Anonymous
2026-07-07 10:14:23
(23 hours ago)
(caddyscan) Scanner path probe from 85.121.208.112 (RO/Romania/-): 5 in the last 3600 secs; Ports: * ...
show more
(caddyscan) Scanner path probe from 85.121.208.112 (RO/Romania/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 85.121.208.112 - - [07/Jul/2026:10:14:21 +0000] "GET /.git/HEAD HTTP/1.1"
[REDACTED] 200 2627 85.121.208.112 - - [07/Jul/2026:10:14:21 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 85.121.208.112 - - [07/Jul/2026:10:14:21 +0000] "GET /.env.local HTTP/1.1"
[REDACTED] 200 2627 85.121.208.112 - - [07/Jul/2026:10:14:22 +0000] "GET /.env.production HTTP/1.1"
[REDACTED] 200 2627 85.121.208.112 - - [07/Jul/2026:10:14:22 +0000] "GET /.env.development HTTP/1.1"
show less
Port Scan
๐ฎ๐น
VHosting
2026-07-07 10:05:04
(23 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack