๐ฆ๐บ
paulshipley.com.au
2026-07-07 14:23:46
(1 day ago)
[Wed Jul 08 00:23:45.647187 2026] [security2:error] [pid 255004] [client 136.113.51.51:60020] [clien ...
show more
[Wed Jul 08 00:23:45.647187 2026] [security2:error] [pid 255004] [client 136.113.51.51:60020] [client 136.113.51.51] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "paulshipley.com.au"] [uri "/.env"] [unique_id "ak0L8b3OVMhtwrD4aH2E4wAAAAE"]
...
show less
Web App Attack
๐ฎ๐ช
AutosOnShow
2026-07-07 13:37:05
(1 day ago)
blocked for webapp attack | path requested: /.env | seen at 2026-07-07 13:36:18.656 |
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-07-07 13:15:38
(1 day ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐ฉ๐ช
NxtGenIT
2026-07-07 13:01:09
(1 day ago)
Tanner Honeypot hit, Event Type: , HTTP Method: GET, User Agent: , URI: /lab/.env
SSH
๐ฉ๐ช
[email protected]
2026-07-07 12:46:02
(1 day ago)
Brute force 81 attempts
DDoS Attack
SQL Injection
Brute-Force
SSH
๐ฉ๐ช
maxpower
2026-07-07 11:32:43
(1 day ago)
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 136.113.51.51 (US/United States/51.51.11 ...
show more
(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 136.113.51.51 (US/United States/51.51.113.136.bc.googleusercontent.com): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 136.113.51.51 - - [07/Jul/2026:13:32:40 +0200] "GET /.env HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36" "-" host=fornax.spacehosting.ovh
136.113.51.51 - - [07/Jul/2026:13:32:41 +0200] "GET /.env.local HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36" "-" host=fornax.spacehosting.ovh
show less
Port Scan
๐ฉ๐ช
Viveronese
2026-07-07 11:28:43
(1 day ago)
HTTP vulnerability scanning
Web App Attack
๐ซ๐ท
sthoyer.de
2026-07-07 09:59:50
(1 day ago)
136.113.51.51 - - [07/Jul/2026:11:59:48 +0200] "GET /.env HTTP/1.1" 302 794 "-" "Mozilla/5.0 (Window ...
show more
136.113.51.51 - - [07/Jul/2026:11:59:48 +0200] "GET /.env HTTP/1.1" 302 794 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
136.113.51.51 - - [07/Jul/2026:11:59:49 +0200] "GET /.env.local HTTP/1.1" 302 794 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
136.113.51.51 - - [07/Jul/2026:11:59:49 +0200] "GET /.env.development HTTP/1.1" 302 794 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
...
show less
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-07 08:56:09
(1 day ago)
[Tue Jul 07 18:56:09.289276 2026] [security2:error] [pid 225171] [client 136.113.51.51:65325] [clien ...
show more
[Tue Jul 07 18:56:09.289276 2026] [security2:error] [pid 225171] [client 136.113.51.51:65325] [client 136.113.51.51] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "paulshipley.com.au"] [uri "/.env"] [unique_id "aky_KctyfQugBmYMB9YhJAAAAA8"]
...
show less
Web App Attack
๐ซ๐ท
thecocasio
2026-07-07 07:14:57
(1 day ago)
HellPot honeypot: .env secret-file probe โ observed request "GET /.env" against a honeypot host wher ...
show more
HellPot honeypot: .env secret-file probe โ observed request "GET /.env" against a honeypot host where no such application or resource exists. Detected at 2026-07-07T07:14:56Z.
show less
Web App Attack
๐ต๐ฑ
strefapi_com
2026-07-07 07:14:25
(1 day ago)
Brute-force, web
...
Hacking
Brute-Force
Web App Attack
๐ฌ๐ง
Apache
2026-07-07 06:57:37
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 136.113.51.51 (US/United States/51.51.113.136.b ...
show more
(mod_security) mod_security (id:210492) triggered by 136.113.51.51 (US/United States/51.51.113.136.bc.googleusercontent.com): 5 in the last 300 secs (CF_ENABLE)
show less
Brute-Force
Web App Attack
Anonymous
2026-07-07 06:55:10
(1 day ago)
(mod_security) mod_security triggered on hostname [redacted] 136.113.51.51 (US/United States/51.51.1 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 136.113.51.51 (US/United States/51.51.113.136.bc.googleusercontent.com): (CF_ENABLE)
show less
SQL Injection
Anonymous
2026-07-07 06:47:01
(1 day ago)
git/env leak probe
Web App Attack
๐ฌ๐ง
consul.to
2026-07-07 06:27:06
(1 day ago)
Web attack/malicious scanning detected
Web App Attack