๐ซ๐ท
SpaceHost-Server
2026-07-08 22:32:13
(14 hours ago)
Brute-Force
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-08 21:59:48
(14 hours ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-07.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
Charlesiv
2026-07-08 06:01:37
(1 day ago)
Triggered Cloudflare WAF (firewallCustom) from CA.
Action taken: BLOCK
ASN: 36352 (HostPapa)
Protoco ...
show more
Triggered Cloudflare WAF (firewallCustom) from CA.
Action taken: BLOCK
ASN: 36352 (HostPapa)
Protocol: HTTP/1.1 (GET method)
Endpoint: /wp-content/uploads/pentest_proof_e66a6d.php
Timestamp: 2026-07-08T05:15:11Z
Ray ID: a17c9c156fd3abe5
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:133.0) Gecko/20100101 Firefox/133.0
show less
Bad Web Bot
๐ฉ๐ช
XICTRON
2026-07-08 05:50:05
(1 day ago)
ModSecurity rule violation detected by Fail2Ban
Web App Attack
๐ง๐ช
cmbplf
2026-07-08 03:41:40
(1 day ago)
287 requests with url.path *.aws/*
Brute-Force
Bad Web Bot
๐ซ๐ท
LRob
2026-07-08 03:37:58
(1 day ago)
CrowdSec: crowdsecurity/http-sensitive-files | req: ["/.env","/.env.bak","/.env.backup","/.env.save" ...
show more
CrowdSec: crowdsecurity/http-sensitive-files | req: ["/.env","/.env.bak","/.env.backup","/.env.save","/.env.local"] | UA: ["-"]
show less
Hacking
Anonymous
2026-07-08 03:36:47
(1 day ago)
Requested unexistent endpoint (Wordpress login, etc.)
Web App Attack
Anonymous
2026-07-08 03:07:44
(1 day ago)
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: Word ...
show more
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: WordPress scanning, Backup file probing, Cloud secrets probing
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
macrob
2026-07-08 02:44:27
(1 day ago)
2026/07/08 02:44:25 [error] 2077149#2077149: *359123712 access forbidden by rule, client: 96.44.167. ...
show more
2026/07/08 02:44:25 [error] 2077149#2077149: *359123712 access forbidden by rule, client: 96.44.167.54, server: bin-spin.com, request: "GET /.env HTTP/1.1", host: "bin-spin.com"
2026/07/08 02:44:25 [error] 2077154#2077154: *359123155 access forbidden by rule, client: 96.44.167.54, server: bin-spin.com, request: "GET /.env.bak HTTP/1.1", host: "bin-spin.com"
2026/07/08 02:44:25 [error] 2077149#2077149: *359123720 access forbidden by rule, client: 96.44.167.54, server: bin-spin.com, request: "GET /.env.backup HTTP/1.1", host: "bin-spin.com"
...
show less
Web App Attack
๐บ๐ธ
mnsf
2026-07-08 02:05:11
(1 day ago)
Scanning/Probing (13)
Brute-Force
Web App Attack
๐ฉ๐ช
Melle
2026-07-08 00:47:38
(1 day ago)
Blocked by CrowdSec | Scenario: crowdsecurity/http-sensitive-files | 96.44.167.54 triggered 5 events ...
show more
Blocked by CrowdSec | Scenario: crowdsecurity/http-sensitive-files | 96.44.167.54 triggered 5 events | Detected: 2026-07-08T00:47:36.612019948Z
show less
Web App Attack
Hacking
๐จ๐ฆ
Dunham Support
2026-07-07 23:51:13
(1 day ago)
(mod_security) mod_security triggered on hostname [redacted] 96.44.167.54 (CA/Canada/96-44-167-54-ho ...
show more
(mod_security) mod_security triggered on hostname [redacted] 96.44.167.54 (CA/Canada/96-44-167-54-host.colocrossing.com)
show less
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-07 23:31:58
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 96.44.167.54 (96-44-167-54-host.colocrossing.co ...
show more
(mod_security) mod_security (id:210492) triggered by 96.44.167.54 (96-44-167-54-host.colocrossing.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 19:31:54.426958 2026] [security2:error] [pid 21976:tid 21976] [client 96.44.167.54:64142] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.murphylumber.ca"] [uri "/.env"] [unique_id "ak2MauX17nRwMsTdIXq9lQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-07 22:49:44
(1 day ago)
96.44.167.54 - - [08/Jul/2026:00:49:42 +0200] "POST /index.php HTTP/1.1" 404 164 "-" "Mozilla/5.0 (X ...
show more
96.44.167.54 - - [08/Jul/2026:00:49:42 +0200] "POST /index.php HTTP/1.1" 404 164 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:133.0) Gecko/20100101 Firefox/133.0"
96.44.167.54 - - [08/Jul/2026:00:49:43 +0200] "POST /public/ HTTP/1.1" 404 164 "-" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1 Mobile/15E148 Safari/604.1"
96.44.167.54 - - [08/Jul/2026:00:49:43 +0200] "POST /index.php HTTP/1.1" 404 567 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 Edg/129.0.0.0"
96.44.167.54 - - [08/Jul/2026:00:49:43 +0200] "GET /.env HTTP/1.1" 403 164 "-" "-"
96.44.167.54 - - [08/Jul/2026:00:49:43 +0200] "GET /.env.bak HTTP/1.1" 403 164 "-" "-"
96.44.167.54 - - [08/Jul/2026:00:49:43 +0200] "GET /.env.backup HTTP/1.1" 403 164 "-" "-"
96.44.167.54 - - [08/Jul/2026:00:49:43 +0200] "GET /.env.old HTTP/1.1" 403 164 "-" "-"
96.44.167.54 - - [08/Jul/2026:00:49:43 +0200] "GET /.
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
Operator873
2026-07-07 20:53:52
(1 day ago)
2026/07/07 15:53:49 [error] 2367316#0: *1323284 access forbidden by rule, client: 96.44.167.54, serv ...
show more
2026/07/07 15:53:49 [error] 2367316#0: *1323284 access forbidden by rule, client: 96.44.167.54, server: [OBFUSCATED], request: "POST / HTTP/1.1", host: "[OBFUSCATED]"
2026/07/07 15:53:49 [error] 2367316#0: *1323284 access forbidden by rule, client: 96.44.167.54, server: [OBFUSCATED], request: "POST / HTTP/1.1", host: "[OBFUSCATED]"
2026/07/07 15:53:49 [error] 2367316#0: *1323284 access forbidden by rule, client: 96.44.167.54, server: [OBFUSCATED], request: "POST /public/ HTTP/1.1", host: "[OBFUSCATED]"
2026/07/07 15:53:49 [error] 2367316#0: *1323284 access forbidden by rule, client: 96.44.167.54, server: [OBFUSCATED], request: "POST /public/ HTTP/1.1", host: "[OBFUSCATED]"
2026/07/07 15:53:49 [error] 2367316#0: *1323284 access forbidden by rule, client: 96.44.167.54, server: [OBFUSCATED], request: "POST /index.php HTTP/1.1", host: "[OBFUSCATED]"
...
show less
Brute-Force
Web App Attack