๐ธ๐ฌ
157.230.45.147
3 hours ago
WordPress (CMS) attack attempts.
Date: 2026 Jul 19. 14:13:45
Source IP: 157.230.45.147
Portion ...
show more
WordPress (CMS) attack attempts.
Date: 2026 Jul 19. 14:13:45
Source IP: 157.230.45.147
Portion of the log(s):
157.230.45.147 - [19/Jul/2026:14:13:45 +0200] "GET /wp-admin/js/index.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Mobile Safari/537.36"
157.230.45.147 - [19/Jul/2026:14:13:45 +0200] "GET /wp-includes/theme-compat/zmFM.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Mobile Safari/537.36"
157.230.45.147 - [19/Jul/2026:14:13:45 +0200] "GET /wp-admin/images/index.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Mobile Safari/537.36"
157.230.45.147 - [19/Jul/2026:14:13:45 +0200] "GET /wp-includes/customize/zmFM.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Linux; Android 10; K) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Mobile Safari/537.36"
157.230.45.147 - [19/Jul/2026:14:13
show less
Hacking
Web App Attack
๐บ๐ธ
35.185.33.138
3 hours ago
WordPress (CMS) attack attempts.
Date: 2026 Jul 19. 13:58:34
Source IP: 35.185.33.138
Portion o ...
show more
WordPress (CMS) attack attempts.
Date: 2026 Jul 19. 13:58:34
Source IP: 35.185.33.138
Portion of the log(s):
35.185.33.138 - [19/Jul/2026:13:58:34 +0200] "GET //wp2/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
35.185.33.138 - [19/Jul/2026:13:58:34 +0200] "GET //test/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
35.185.33.138 - [19/Jul/2026:13:58:33 +0200] "GET //wp1/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
35.185.33.138 - [19/Jul/2026:13:58:33 +0200] "GET //shop/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
show less
Web App Attack
๐บ๐ธ
34.48.233.24
3 hours ago
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 13:15:12
Source IP: 34.48. ...
show more
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 13:15:12
Source IP: 34.48.233.24
Portion of the log(s):
34.48.233.24 - [19/Jul/2026:13:15:08 +0200] "GET /.codex/config.toml HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Applebot-Extended/0.1; +http://www.apple.com/go/applebot)"
34.48.233.24 - [19/Jul/2026:13:15:08 +0200] "GET /.continue/config.json HTTP/1.1" 404 153 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; Claude-User/1.0; +mailto:[email protected] "
34.48.233.24 - [19/Jul/2026:13:15:08 +0200] "GET /ssl/localhost.key HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected] )"
34.48.233.24 - [19/Jul/2026:13:15:08 +0200] "GET /.openclaw/openclaw.json HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Applebot/0.1; +http://www.apple.com/go/applebot)"
34.48.233.24 - [19/Jul/2026:13:15:08 +0200] "GET /ssl/server.key HTTP/1.1" 404 153 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; MistralAI-User/1.0"
show less
Web App Attack
๐จ๐ณ
183.221.20.144
4 hours ago
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 13:14:29
Source IP: 183.22 ...
show more
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 13:14:29
Source IP: 183.221.20.144
Portion of the log(s):
183.221.20.144 - [19/Jul/2026:13:14:29 +0200] "GET /lib/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 153 "-" "libredtail-http"
183.221.20.144 - [19/Jul/2026:13:14:29 +0200] "GET /lib/phpunit/phpunit/Util/PHP/eval-stdin.php HTTP/1.1" 404 153 "-" "libredtail-http"
183.221.20.144 - [19/Jul/2026:13:14:28 +0200] "GET /lib/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 153 "-" "libredtail-http"
183.221.20.144 - [19/Jul/2026:13:14:27 +0200] "GET /phpunit/Util/PHP/eval-stdin.php HTTP/1.1" 404 153 "-" "libredtail-http"
183.221.20.144 - [19/Jul/2026:13:14:27 +0200] "GET /phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 153 "-" "libredtail-http"
183.221.20.144 - [19/Jul/2026:13:14:26 +0200] "GET /phpunit/phpunit/Util/PHP/eval-stdin.php HTTP/1.1" 404 153 "-" "libredtail-http"
183.221.20.144 - [19/Jul/2026:13:14:26 +0200] "GET /phpunit/phpunit/src/Util/PHP/eval
show less
Web App Attack
๐บ๐ธ
34.48.233.24
4 hours ago
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 13:00:01
Source IP: 34.48. ...
show more
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 13:00:01
Source IP: 34.48.233.24
Portion of the log(s):
34.48.233.24 - [19/Jul/2026:13:00:01 +0200] "GET /config/.env HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; cohere-ai/1.0; +https://cohere.com)"
34.48.233.24 - [19/Jul/2026:13:00:01 +0200] "GET /.env.old HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Amazonbot/0.1; +https://developer.amazon.com/support/amazonbot)"
34.48.233.24 - [19/Jul/2026:13:00:01 +0200] "GET /.env.backup HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Applebot/0.1; +http://www.apple.com/go/applebot)"
34.48.233.24 - [19/Jul/2026:13:00:01 +0200] "GET /.env.production HTTP/1.1" 404 153 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.3; +https://openai.com/gptbot)"
34.48.233.24 - [19/Jul/2026:13:00:01 +0200] "GET /.env.local HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Applebot/0.1; +http://www.apple.com/go/applebot)"
34.48.233.24 - [19/Jul/2026:12:59:59 +0200] "GET
show less
Web App Attack
๐ช๐ธ
194.146.92.179
4 hours ago
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 11:58:55
Source IP: 194.14 ...
show more
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 11:58:55
Source IP: 194.146.92.179
Portion of the log(s):
194.146.92.179 - - [19/Jul/2026:11:58:54 +0200] "POST /?rest_route=/batch/v1 HTTP/1.1" 500 331 "-" "wp2shell"
show less
Web App Attack
๐จ๐ณ
121.41.167.40
6 hours ago
Blocked for port scanning.
Time: Sat Jul 18. 16:57:17 2026 +0200
IP: 121.41.167.40 (CN/China/-)
...
show more
Blocked for port scanning.
Time: Sat Jul 18. 16:57:17 2026 +0200
IP: 121.41.167.40 (CN/China/-)
Sample of block hits:
Jul 18 16:56:52 vserv kernel: [364469.767337] Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC= SRC=121.41.167.40 DST=[removed] LEN=28 TOS=0x00 PREC=0x00 TTL=22 ID=39843 PROTO=UDP SPT=39439 DPT=554 LEN=8
Jul 18 16:56:53 vserv kernel: [364470.607800] Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC= SRC=121.41.167.40 DST=[removed] LEN=28 TOS=0x00 PREC=0x00 TTL=35 ID=7537 PROTO=UDP SPT=39441 DPT=554 LEN=8
Jul 18 16:57:01 vserv kernel: [364479.183939] Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC= SRC=121.41.167.40 DST=[removed] LEN=95 TOS=0x00 PREC=0x00 TTL=27 ID=7436 PROTO=UDP SPT=39439 DPT=443 LEN=75
Jul 18 16:57:01 vserv kernel: [364479.184430] Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC= SRC=121.41.167.40 DST=[removed] LEN=42 TOS=0x00 PREC=0x00 TTL=21 ID=7436 PROTO=UDP SPT=39439 DPT=443 LEN=22
Jul 18 16:57:01 vserv kernel: [364479.184813] Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC= SRC ....
show less
Port Scan
๐ธ๐ฌ
8.219.165.42
6 hours ago
Blocked for port scanning (Port 23 / Telnet brute-force).
Time: Sat Jul 18. 19:31:37 2026 +0200
IP ...
show more
Blocked for port scanning (Port 23 / Telnet brute-force).
Time: Sat Jul 18. 19:31:37 2026 +0200
IP: 8.219.165.42 (SG/Singapore/-)
Sample of block hits:
Jul 18 19:30:54.659999+02:00 sirius kernel: [15508672.840358] Firewall: *TCP_IN Blocked* IN=enx3 OUT= MAC= SRC=8.219.165.42 DST=[removed] LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=46016 PROTO=TCP SPT=42316 DPT=23 WINDOW=37756 RES=0x00 SYN URGP=0
Jul 18 19:30:57.843253+02:00 sirius kernel: [15508676.023967] Firewall: *TCP_IN Blocked* IN=enx3 OUT= MAC= SRC=8.219.165.42 DST=[removed] LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=46016 PROTO=TCP SPT=42316 DPT=23 WINDOW=37756 RES=0x00 SYN URGP=0
Jul 18 19:31:06.542035+02:00 sirius kernel: [15508684.722585] Firewall: *TCP_IN Blocked* IN=enx3 OUT= MAC= SRC=8.219.165.42 DST=[removed] LEN=40 TOS=0x00 PREC=0x00 TTL=54 ID=46016 PROTO=TCP SPT=42316 DPT=23 WINDOW=37756 RES=0x00 SYN URGP=0
Jul 18 19:31:11.036661+02:00 sirius kernel: [15508689.218994] Firewall: *TCP_IN Blocked* IN=enx3 OUT= MAC= SRC=8.219.165.42 DST=[removed] LEN
show less
Port Scan
Brute-Force
๐ฐ๐ฟ
46.16.149.95
6 hours ago
Blocked for port scanning.
Time: Sat Jul 18. 23:01:18 2026 +0200
IP: 46.16.149.95 (KZ/Kazakhstan/- ...
show more
Blocked for port scanning.
Time: Sat Jul 18. 23:01:18 2026 +0200
IP: 46.16.149.95 (KZ/Kazakhstan/-)
Sample of block hits:
Jul 18 23:00:42 vserv kernel: [386299.064359] Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC= SRC=46.16.149.95 DST=[removed] LEN=84 TOS=0x00 PREC=0x00 TTL=110 ID=22358 PROTO=UDP SPT=61766 DPT=3544 LEN=64
Jul 18 23:00:45 vserv kernel: [386302.552377] Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC= SRC=46.16.149.95 DST=[removed] LEN=84 TOS=0x00 PREC=0x00 TTL=110 ID=22360 PROTO=UDP SPT=61766 DPT=3544 LEN=64
Jul 18 23:00:49 vserv kernel: [386306.838820] Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC= SRC=46.16.149.95 DST=[removed] LEN=84 TOS=0x00 PREC=0x00 TTL=110 ID=22361 PROTO=UDP SPT=61766 DPT=3544 LEN=64
Jul 18 23:00:51 vserv kernel: [386308.548444] Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC= SRC=46.16.149.95 DST=[removed] LEN=84 TOS=0x00 PREC=0x00 TTL=110 ID=22362 PROTO=UDP SPT=61766 DPT=3544 LEN=64
Jul 18 23:00:59 vserv kernel: [386316.548247] Firewall: *UDP_IN Blocked* IN=eth0 OUT
show less
Port Scan
๐ฉ๐ช
165.22.18.253
6 hours ago
Blocked for port scanning.
Time: Sun Jul 19. 10:16:22 2026 +0200
IP: 165.22.18.253 (DE/Germany/-)
...
show more
Blocked for port scanning.
Time: Sun Jul 19. 10:16:22 2026 +0200
IP: 165.22.18.253 (DE/Germany/-)
Sample of block hits:
Jul 19 10:15:53.164912+02:00 sirius kernel: [15561770.999928] Firewall: *TCP_IN Blocked* IN=enx3 OUT= MAC= SRC=165.22.18.253 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=13435 DF PROTO=TCP SPT=57058 DPT=3128 WINDOW=64240 RES=0x00 SYN URGP=0
Jul 19 10:15:54.182202+02:00 sirius kernel: [15561772.021259] Firewall: *TCP_IN Blocked* IN=enx3 OUT= MAC= SRC=165.22.18.253 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=13436 DF PROTO=TCP SPT=57058 DPT=3128 WINDOW=64240 RES=0x00 SYN URGP=0
Jul 19 10:15:56.201932+02:00 sirius kernel: [15561774.039781] Firewall: *TCP_IN Blocked* IN=enx3 OUT= MAC= SRC=165.22.18.253 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=55 ID=13437 DF PROTO=TCP SPT=57058 DPT=3128 WINDOW=64240 RES=0x00 SYN URGP=0
Jul 19 10:16:00.429607+02:00 sirius kernel: [15561778.267351] Firewall: *TCP_IN Blocked* IN=enx3 OUT= MAC= SRC=165.22.18.253 DST=[removed] LEN=60 TOS=0x00
show less
Port Scan
๐ฎ๐ท
94.183.218.208
6 hours ago
Blocked for port scanning.
Time: Sun Jul 19. 10:10:46 2026 +0200
IP: 94.183.218.208 (IR/Iran/-)
...
show more
Blocked for port scanning.
Time: Sun Jul 19. 10:10:46 2026 +0200
IP: 94.183.218.208 (IR/Iran/-)
Sample of block hits:
Jul 19 10:05:49 vserv kernel: [860951.340250] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=94.183.218.208 DST=[removed] LEN=44 TOS=0x00 PREC=0x00 TTL=241 ID=20919 PROTO=TCP SPT=61000 DPT=5900 WINDOW=1025 RES=0x00 SYN URGP=0
Jul 19 10:06:06 vserv kernel: [860968.063270] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=94.183.218.208 DST=[removed] LEN=44 TOS=0x00 PREC=0x00 TTL=241 ID=27709 PROTO=TCP SPT=61000 DPT=5942 WINDOW=1025 RES=0x00 SYN URGP=0
Jul 19 10:06:39 vserv kernel: [861000.677006] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=94.183.218.208 DST=[removed] LEN=44 TOS=0x00 PREC=0x00 TTL=240 ID=11690 PROTO=TCP SPT=61000 DPT=6000 WINDOW=1025 RES=0x00 SYN URGP=0
Jul 19 10:07:39 vserv kernel: [861060.583408] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=94.183.218.208 DST=[removed] LEN=44 TOS=0x00 PREC=0x00 TTL=240 ID=26521 PROTO=TCP SPT=61000 DPT=5921 WINDOW=1025 RES
show less
Port Scan
๐บ๐ธ
164.92.120.249
6 hours ago
Blocked for port scanning.
Time: Sun Jul 19. 09:15:19 2026 +0200
IP: 164.92.120.249 (US/United Sta ...
show more
Blocked for port scanning.
Time: Sun Jul 19. 09:15:19 2026 +0200
IP: 164.92.120.249 (US/United States/-)
Sample of block hits:
Jul 19 09:14:47 vserv kernel: [23289657.863340] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=164.92.120.249 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=64435 DF PROTO=TCP SPT=60200 DPT=3128 WINDOW=64240 RES=0x00 SYN URGP=0
Jul 19 09:14:48 vserv kernel: [23289658.864555] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=164.92.120.249 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=64436 DF PROTO=TCP SPT=60200 DPT=3128 WINDOW=64240 RES=0x00 SYN URGP=0
Jul 19 09:14:50 vserv kernel: [23289660.883942] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=164.92.120.249 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=64437 DF PROTO=TCP SPT=60200 DPT=3128 WINDOW=64240 RES=0x00 SYN URGP=0
Jul 19 09:14:54 vserv kernel: [23289664.951680] Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC= SRC=164.92.120.249 DST=[removed] LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=64438 DF PROTO=TCP SPT
show less
Port Scan
๐ซ๐ท
146.70.194.228
6 hours ago
TCP connect flood, port scan (Port: 80/TCP).
Date: Sun Jul 19. 08:01:55 2026 +0200
IP: 146.70.194. ...
show more
TCP connect flood, port scan (Port: 80/TCP).
Date: Sun Jul 19. 08:01:55 2026 +0200
IP: 146.70.194.228 (GB/United Kingdom/-)
Connections (sample):
tcp6: 146.70.194.228:38304 -> [removed]:80 (TIME_WAIT)
tcp6: 146.70.194.228:34132 -> [removed]:80 (TIME_WAIT)
tcp6: 146.70.194.228:42522 -> [removed]:80 (TIME_WAIT)
tcp6: 146.70.194.228:40986 -> [removed]:80 (TIME_WAIT)
tcp6: 146.70.194.228:42408 -> [removed]:80 (TIME_WAIT)
tcp6: 146.70.194.228:42296 -> [removed]:80 (TIME_WAIT)
tcp6: 146.70.194.228:46338 -> [removed]:80 (TIME_WAIT)
tcp6: 146.70.194.228:34844 -> [removed]:80 (TIME_WAIT)
tcp6: 146.70.194.228:60346 -> [removed]:80 (TIME_WAIT)
tcp6: 146.70.194.228:42604 -> [removed]:80 (TIME_WAIT)
tcp6: 146.70.194.228:35118 -> [removed]:80 (TIME_WAIT)
tcp6: 146.70.194.228:37782 -> [removed]:80 (TIME_WAIT)
tcp6: 146.70.194.228:42560 -> [removed]:80 (TIME_WAIT)
tcp6: 146.70.194.228:46574 -> [removed]:80 (TIME_WAIT)
.... (505 times/attempts total at same time).
show less
Port Scan
Brute-Force
๐บ๐ธ
34.21.95.170
7 hours ago
WordPress (CMS) attack attempts.
Date: 2026 Jul 19. 10:44:38
Source IP: 34.21.95.170
Portion of ...
show more
WordPress (CMS) attack attempts.
Date: 2026 Jul 19. 10:44:38
Source IP: 34.21.95.170
Portion of the log(s):
34.21.95.170 - [19/Jul/2026:10:44:38 +0200] "GET //wp2/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
34.21.95.170 - [19/Jul/2026:10:44:38 +0200] "GET //test/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
34.21.95.170 - [19/Jul/2026:10:44:38 +0200] "GET //wp1/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36"
34.21.95.170 - [19/Jul/2026:10:44:38 +0200] "GET //shop/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36" ....
show less
Web App Attack
๐บ๐ธ
35.194.39.244
8 hours ago
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 08:45:32
Source IP: 35.194 ...
show more
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 08:45:32
Source IP: 35.194.39.244
Portion of the log(s):
35.194.39.244 - [19/Jul/2026:08:45:30 +0200] "GET /openapi.json HTTP/1.1" 404 153 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot"
35.194.39.244 - [19/Jul/2026:08:45:30 +0200] "GET /manifest.webmanifest HTTP/1.1" 404 153 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.3; +https://openai.com/gptbot)"
35.194.39.244 - [19/Jul/2026:08:45:30 +0200] "GET /api/env HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; GoogleOther; +http://www.google.com/bot.html)"
35.194.39.244 - [19/Jul/2026:08:45:30 +0200] "GET /api/v1/config HTTP/1.1" 404 153 "-" "meta-externalagent/1.1 (+https://developers.facebook.com/docs/sharing/webmasters/crawler)"
35.194.39.244 - [19/Jul/2026:08:45:30 +0200] "GET /api/v2/config HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Applebot-Extended/0.1; +http://www.appl
show less
Web App Attack
๐บ๐ธ
35.194.39.244
9 hours ago
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 08:34:27
Source IP: 35.194 ...
show more
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 08:34:27
Source IP: 35.194.39.244
Portion of the log(s):
35.194.39.244 - [19/Jul/2026:08:34:27 +0200] "GET /ssl/server.key HTTP/1.1" 404 153 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot"
35.194.39.244 - [19/Jul/2026:08:34:27 +0200] "GET /.continue/config.json HTTP/1.1" 404 153 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; MistralAI-User/1.0"
35.194.39.244 - [19/Jul/2026:08:34:27 +0200] "GET /ssl/localhost.key HTTP/1.1" 404 153 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ChatGPT-User/1.0; +https://openai.com/bot"
35.194.39.244 - [19/Jul/2026:08:34:27 +0200] "GET /.openclaw/openclaw.json HTTP/1.1" 404 153 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; PerplexityBot/1.0; +https://perplexity.ai/perplexitybot"
35.194.39.244 - [19/Jul/2026:08:34:27 +0200] "GET /.openclaw/.env HTTP/1.1" 404
show less
Web App Attack
๐ณ๐ฑ
45.156.87.12
9 hours ago
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 08:25:40
Source IP: 45.156 ...
show more
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 08:25:40
Source IP: 45.156.87.12
Portion of the log(s):
45.156.87.12 - [19/Jul/2026:08:25:40 +0200] "GET /.env.dist HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
45.156.87.12 - [19/Jul/2026:08:25:40 +0200] "GET /api/shared/config/config.env HTTP/1.1" 404 153 "-" "Mozilla/5.0 (iPad; CPU OS 17_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Mobile/15E148 Safari/604.1"
45.156.87.12 - [19/Jul/2026:08:25:40 +0200] "GET /v2/.env HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Linux; Android 13; Pixel 7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Mobile Safari/537.36"
45.156.87.12 - [19/Jul/2026:08:25:40 +0200] "GET /v1/.env HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
45.156.87.12 - [19/Jul/2026:08:25:40 +0200] "GET
show less
Hacking
Web App Attack
๐ฐ๐ท
34.158.196.121
9 hours ago
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 08:12:20
Source IP: 34.158 ...
show more
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 08:12:20
Source IP: 34.158.196.121
Portion of the log(s):
34.158.196.121 - [19/Jul/2026:08:12:18 +0200] "GET /api/v1/env HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Amzn-SearchBot/1.0; +https://developer.amazon.com/support/amazonbot)"
34.158.196.121 - [19/Jul/2026:08:12:18 +0200] "GET /swagger.json HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; cohere-ai/1.0; +https://cohere.com)"
34.158.196.121 - [19/Jul/2026:08:12:18 +0200] "GET /app-config.json HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Applebot/0.1; +http://www.apple.com/go/applebot)"
34.158.196.121 - [19/Jul/2026:08:12:18 +0200] "GET /health HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
34.158.196.121 - [19/Jul/2026:08:12:18 +0200] "GET /api/openapi.json HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Applebot/0.1; +http://www.apple.com/go/applebot)"
34.158.196.121 - [19/Jul/2026:08:12:18 +0200] "GET /api/ac
show less
Web App Attack
๐ฐ๐ท
34.158.196.121
9 hours ago
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 08:00:15
Source IP: 34.158 ...
show more
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 08:00:15
Source IP: 34.158.196.121
Portion of the log(s):
34.158.196.121 - [19/Jul/2026:08:00:15 +0200] "GET /.env.example HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Bytespider; [email protected] )"
34.158.196.121 - [19/Jul/2026:08:00:15 +0200] "GET /.github/workflows/deploy.yml HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; GoogleOther; +http://www.google.com/bot.html)"
34.158.196.121 - [19/Jul/2026:08:00:15 +0200] "POST /graphql HTTP/1.1" 404 153 "-" "Go-http-client/1.1"
34.158.196.121 - [19/Jul/2026:08:00:15 +0200] "GET /.gitlab-ci.yml HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; GoogleOther; +http://www.google.com/bot.html)"
34.158.196.121 - [19/Jul/2026:08:00:15 +0200] "GET /.aws/credentials HTTP/1.1" 404 153 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; OAI-SearchBot/1.0; +https://openai.com/searchbot"
34.158.196.121 - [19/Jul/2026:08:00:15 +0200] "GET /.aws/config HTTP/1.1"
show less
Web App Attack
๐บ๐ธ
34.171.141.44
9 hours ago
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 07:50:32
Source IP: 34.171 ...
show more
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 19. 07:50:32
Source IP: 34.171.141.44
Portion of the log(s):
34.171.141.44 - - [19/Jul/2026:07:50:31 +0200] "POST /?rest_route=/batch/v1 HTTP/1.1" 500 331 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
show less
Web App Attack
๐ท๐ด
193.46.255.152
10 hours ago
Blocked for recurring port scan.
Time: Sun Jul 19. 06:15:22 2026 +0200
IP: 193.46.255.152 (RO/Roma ...
show more
Blocked for recurring port scan.
Time: Sun Jul 19. 06:15:22 2026 +0200
IP: 193.46.255.152 (RO/Romania/-)
Temporary blocks that triggered the permanent block:
Sun Jul 19 01:35:27 2026 *Port Scan* detected from 193.46.255.152 (RO/Romania/-). 11 hits in the last 297 seconds
Sun Jul 19 02:49:25 2026 *Port Scan* detected from 193.46.255.152 (RO/Romania/-). 11 hits in the last 211 seconds
Sun Jul 19 03:54:41 2026 *Port Scan* detected from 193.46.255.152 (RO/Romania/-). 11 hits in the last 206 seconds
Sun Jul 19 05:11:15 2026 *Port Scan* detected from 193.46.255.152 (RO/Romania/-). 11 hits in the last 276 seconds
Sun Jul 19 06:15:15 2026 *Port Scan* detected from 193.46.255.152 (RO/Romania/-). 11 hits in the last 201 seconds
show less
Port Scan
Brute-Force
๐ฆ๐ช
89.31.120.238
10 hours ago
Blocked for recurring port scan.
Time: Sun Jul 19. 04:51:03 2026 +0200
IP: 89.31.120.238 (AE/Unite ...
show more
Blocked for recurring port scan.
Time: Sun Jul 19. 04:51:03 2026 +0200
IP: 89.31.120.238 (AE/United Arab Emirates/238.120.31.89.in-addr.arpa)
Temporary blocks that triggered the permanent block:
Sat Jul 18 23:29:55 2026 *Port Scan* detected from 89.31.120.238 (AE/United Arab Emirates/238.120.31.89.in-addr.arpa). 11 hits in the last 266 seconds
Sun Jul 19 00:40:01 2026 *Port Scan* detected from 89.31.120.238 (AE/United Arab Emirates/238.120.31.89.in-addr.arpa). 11 hits in the last 286 seconds
Sun Jul 19 02:19:25 2026 *Port Scan* detected from 89.31.120.238 (AE/United Arab Emirates/238.120.31.89.in-addr.arpa). 11 hits in the last 226 seconds
Sun Jul 19 03:40:21 2026 *Port Scan* detected from 89.31.120.238 (AE/United Arab Emirates/238.120.31.89.in-addr.arpa). 11 hits in the last 261 seconds
Sun Jul 19 04:51:00 2026 *Port Scan* detected from 89.31.120.238 (AE/United Arab Emirates/238.120.31.89.in-addr.arpa). 11 hits in the last 281 seconds
show less
Port Scan
Brute-Force
๐ต๐ฑ
45.141.233.247
10 hours ago
Blocked for recurring port scan.
Time: Sun Jul 19. 04:12:17 2026 +0200
IP: 45.141.233.247 (BG/Bulg ...
show more
Blocked for recurring port scan.
Time: Sun Jul 19. 04:12:17 2026 +0200
IP: 45.141.233.247 (BG/Bulgaria/-)
Temporary blocks that triggered the permanent block:
Sun Jul 19 00:10:27 2026 *Port Scan* detected from 45.141.233.247 (BG/Bulgaria/-). 11 hits in the last 25 seconds
Sun Jul 19 01:10:58 2026 *Port Scan* detected from 45.141.233.247 (BG/Bulgaria/-). 11 hits in the last 55 seconds
Sun Jul 19 02:11:29 2026 *Port Scan* detected from 45.141.233.247 (BG/Bulgaria/-). 11 hits in the last 85 seconds
Sun Jul 19 03:11:55 2026 *Port Scan* detected from 45.141.233.247 (BG/Bulgaria/-). 11 hits in the last 110 seconds
Sun Jul 19 04:12:16 2026 *Port Scan* detected from 45.141.233.247 (BG/Bulgaria/-). 11 hits in the last 130 seconds
show less
Port Scan
Brute-Force
๐ธ๐ฌ
172.104.166.136
10 hours ago
Blocked for recurring port scan.
Time: Sun Jul 19. 04:10:27 2026 +0200
IP: 172.104.166.136 (SG/Sin ...
show more
Blocked for recurring port scan.
Time: Sun Jul 19. 04:10:27 2026 +0200
IP: 172.104.166.136 (SG/Singapore/-)
Temporary blocks that triggered the permanent block:
Sun Jul 19 00:07:20 2026 *Port Scan* detected from 172.104.166.136 (SG/Singapore/-). 11 hits in the last 136 seconds
Sun Jul 19 01:08:04 2026 *Port Scan* detected from 172.104.166.136 (SG/Singapore/-). 11 hits in the last 156 seconds
Sun Jul 19 02:08:44 2026 *Port Scan* detected from 172.104.166.136 (SG/Singapore/-). 11 hits in the last 171 seconds
Sun Jul 19 03:09:42 2026 *Port Scan* detected from 172.104.166.136 (SG/Singapore/-). 11 hits in the last 207 seconds
Sun Jul 19 04:10:26 2026 *Port Scan* detected from 172.104.166.136 (SG/Singapore/-). 11 hits in the last 226 seconds
show less
Port Scan
Brute-Force
๐จ๐ณ
121.229.40.225
10 hours ago
FTP login brute force attempts.
Time: Sun Jul 19. 00:27:57 2026 +0200
IP: 121.229.40.225 (CN/China ...
show more
FTP login brute force attempts.
Time: Sun Jul 19. 00:27:57 2026 +0200
IP: 121.229.40.225 (CN/China/-)
Log entries:
Jul 19 00:27:04 kvm-delta pure-ftpd: ([email protected] ) [WARNING] Authentication failed for user [www]
Jul 19 00:27:11 kvm-delta pure-ftpd: ([email protected] ) [WARNING] Authentication failed for user [www]
Jul 19 00:27:16 kvm-delta pure-ftpd: ([email protected] ) [WARNING] Authentication failed for user [www]
Jul 19 00:27:22 kvm-delta pure-ftpd: ([email protected] ) [WARNING] Authentication failed for user [www]
Jul 19 00:27:26 kvm-delta pure-ftpd: ([email protected] ) [WARNING] Authentication failed for user [www]
Jul 19 00:27:32 kvm-delta pure-ftpd: ([email protected] ) [WARNING] Authentication failed for user [www]
Jul 19 00:27:39 kvm-delta pure-ftpd: ([email protected] ) [WARNING] Authentication failed for user [www]
Jul 19 00:27:44 kvm-delta pure-ftpd: ([email protected] ) [WARNING] Authentication failed for user [www]
Jul 19 00:27:50 kvm-delta pure-ftpd: ([email protected] ) [WARNING] Auth
show less
FTP Brute-Force
Brute-Force