๐ฉ๐ช
cheatmaster.store
2025-09-03 01:25:37
(10 months ago)
Automated abuse report from VPS monitoring
Brute-Force
SSH
๐ซ๐ท
John
2025-07-10 07:14:00
(11 months ago)
Very bad hacker, accessing /core/.env, /api/.env, /.env.production, /admin/.env, etc, etc
Hacking
Bad Web Bot
Web App Attack
๐จ๐ญ
zynex
2025-07-07 03:56:06
(11 months ago)
URL Probing: /.env
Web App Attack
๐ฒ๐พ
Rizzy
2025-07-07 03:42:14
(11 months ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-07 03:28:44
(11 months ago)
(mod_security) mod_security (id:210492) triggered by 167.86.113.89 (srv100.serverhouse.ch): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 167.86.113.89 (srv100.serverhouse.ch): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 06 23:28:36.930477 2025] [security2:error] [pid 28808:tid 28808] [client 167.86.113.89:37936] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "register-yacht-bahamas.com"] [uri "/.env.production"] [unique_id "aGs-5FNt5K6Z0A4QF7JrhwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
nfsec.pl
2025-07-07 02:50:18
(1 year ago)
167.86.113.89 - - [07/Jul/2025:04:50:17 +0200] "GET /admin/.env HTTP/1.1" 403 9166 "-" "Mozilla/5.0 ...
show more
167.86.113.89 - - [07/Jul/2025:04:50:17 +0200] "GET /admin/.env HTTP/1.1" 403 9166 "-" "Mozilla/5.0 (X11; Linux x86_64)"
167.86.113.89 - - [07/Jul/2025:04:50:17 +0200] "GET /laravel/.env HTTP/1.1" 403 9166 "-" "Mozilla/5.0 (X11; Linux x86_64)"
167.86.113.89 - - [07/Jul/2025:04:50:17 +0200] "GET /.env HTTP/1.1" 403 9166 "-" "Mozilla/5.0 (X11; Linux x86_64)"
167.86.113.89 - - [07/Jul/2025:04:50:17 +0200] "GET /core/.env HTTP/1.1" 403 9166 "-" "Mozilla/5.0 (X11; Linux x86_64)"
167.86.113.89 - - [07/Jul/2025:04:50:17 +0200] "GET /.env.production HTTP/1.1" 403 9166 "-" "Mozilla/5.0 (X11; Linux x86_64)"
...
show less
Exploited Host
Web App Attack
๐ซ๐ท
Quarks Solutions
2025-07-07 02:46:47
(1 year ago)
crowdsecurity/http-sensitive-files
Hacking
Web App Attack
๐ช๐ธ
masterguru
2025-07-07 02:26:52
(1 year ago)
Restricted File Access Attempt. Matched phrase "/.env" at REQUEST_FILENAME. (930130-122)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-07 02:13:06
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 167.86.113.89 (srv100.serverhouse.ch): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 167.86.113.89 (srv100.serverhouse.ch): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 06 22:13:02.650546 2025] [security2:error] [pid 23421:tid 23421] [client 167.86.113.89:39440] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cyber507.net"] [uri "/.env"] [unique_id "aGstLhQ71pqeW-mUSwpufwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
paissangroup
2025-07-07 02:04:20
(1 year ago)
Multiple WAF Violations
Web App Attack
Anonymous
2025-07-07 02:00:33
(1 year ago)
Restricted File Access Requests
Hacking
Brute-Force
Anonymous
2025-07-07 01:49:02
(1 year ago)
Bot / scanning and/or hacking attempts: GET /api/.env HTTP/1.1, GET /.env.production HTTP/1.1, GET / ...
show more
Bot / scanning and/or hacking attempts: GET /api/.env HTTP/1.1, GET /.env.production HTTP/1.1, GET /core/.env HTTP/1.1, GET /laravel/.env HTTP/1.1
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-07 01:48:03
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 167.86.113.89 (srv100.serverhouse.ch): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 167.86.113.89 (srv100.serverhouse.ch): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 06 21:47:56.574211 2025] [security2:error] [pid 470:tid 470] [client 167.86.113.89:34332] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spacerecording.com"] [uri "/.env.production"] [unique_id "aGsnTPaYMJKUNeAlOYi9bwAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-07 01:28:45
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 167.86.113.89 (srv100.serverhouse.ch): 1 in the ...
show more
(mod_security) mod_security (id:210492) triggered by 167.86.113.89 (srv100.serverhouse.ch): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 06 21:28:41.603857 2025] [security2:error] [pid 6171:tid 6171] [client 167.86.113.89:52644] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pastorg.com"] [uri "/.env"] [unique_id "aGsiyd3y9DSLQL9B3V-tZgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2025-07-07 01:23:00
(1 year ago)
Excessive multi-domain requests
Brute-Force