๐บ๐ธ
alecj.com
2026-06-25 03:34:22
(1 week ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
๐ช๐ธ
Francisco Vallejo
2026-06-25 02:19:36
(1 week ago)
[Thu Jun 25 04:19:35.245750 2026] [core:info] [pid 2076547:tid 135945730889408] [client 170.39.216.2 ...
show more
[Thu Jun 25 04:19:35.245750 2026] [core:info] [pid 2076547:tid 135945730889408] [client 170.39.216.222:65002] AH00128: File does not exist: /var/www/franvallejo/.env
[Thu Jun 25 04:19:35.448739 2026] [core:info] [pid 2076547:tid 135945647027904] [client 170.39.216.222:65002] AH00128: File does not exist: /var/www/franvallejo/.env.backup
[Thu Jun 25 04:19:35.861594 2026] [core:info] [pid 2076547:tid 135945630242496] [client 170.39.216.222:65002] AH00128: File does not exist: /var/www/franvallejo/.env.bak
[Thu Jun 25 04:19:36.021250 2026] [core:info] [pid 2076547:tid 135946511546048] [client 170.39.216.222:65002] AH00128: File does not exist: /var/www/franvallejo/.env.old
[Thu Jun 25 04:19:36.243714 2026] [core:info] [pid 2076547:tid 135946494760640] [client 170.39.216.222:65002] AH00128: File does not exist: /var/www/franvallejo/.env.save
...
show less
Brute-Force
SSH
๐ป๐ช
LUISE
2026-06-25 02:00:20
(1 week ago)
Vulnerability scanning for Web files on server 5-9VE.
Hacking
Bad Web Bot
๐ซ๐ท
breubit
2026-06-24 22:41:16
(1 week ago)
170.39.216.222 - - [25/Jun/2026:00:41:16 +0200] "GET /.env HTTP/1.1" 404 4478 "-" "Mozilla/5.0 (Wind ...
show more
170.39.216.222 - - [25/Jun/2026:00:41:16 +0200] "GET /.env HTTP/1.1" 404 4478 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐ณ๐ฟ
Antinson
2026-06-24 20:00:27
(1 week ago)
Scraping with a high error ratio and request rate
Bad Web Bot
๐ต๐ฑ
nfsec.pl
2026-06-24 19:48:23
(1 week ago)
170.39.216.222 - - [24/Jun/2026:19:48:21 +0000] "GET /.env HTTP/1.1" 403 5437 "-" "Mozilla/5.0 (Wind ...
show more
170.39.216.222 - - [24/Jun/2026:19:48:21 +0000] "GET /.env HTTP/1.1" 403 5437 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
170.39.216.222 - - [24/Jun/2026:19:48:21 +0000] "GET /.env.backup HTTP/1.1" 403 5437 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
170.39.216.222 - - [24/Jun/2026:19:48:22 +0000] "GET /.env.bak HTTP/1.1" 403 5437 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
170.39.216.222 - - [24/Jun/2026:19:48:22 +0000] "GET /.env.old HTTP/1.1" 403 5437 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
170.39.216.222 - - [24/Jun/2026:19:48:23 +0000] "GET /.env.save HTTP/1.1" 403 5437 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Web App Attack
Exploited Host
๐ฎ๐ฉ
soc-yk
2026-06-24 19:06:13
(1 week ago)
Type: suspicious_network_activity
Risk: 100
Events: 34
Evidence:
- Persistent suspicious network ac ...
show more
Type: suspicious_network_activity
Risk: 100
Events: 34
Evidence:
- Persistent suspicious network activity detected
- Repeated hostile operational behavior observed
- Threat escalation behavior observed
show less
Port Scan
Hacking
๐ฆ๐น
services.org.pl
2026-06-24 17:44:08
(1 week ago)
open() "/var/www/html/.env" failed (2: No such file or directory), client: 170.39.216.222, server: a ...
show more
open() "/var/www/html/.env" failed (2: No such file or directory), client: 170.39.216.222, server: api.services.org.pl, request: "GET /.env HTTP/1.1", host: "46.102.157.176"
show less
Bad Web Bot
Web App Attack
๐ฌ๐ง
WebNiraj
2026-06-24 15:42:54
(1 week ago)
(mod_security) mod_security (id:949110) triggered by 170.39.216.222 (FR/France/-): 5 in the last 360 ...
show more
(mod_security) mod_security (id:949110) triggered by 170.39.216.222 (FR/France/-): 5 in the last 3600 secs [SIGMA]
show less
Brute-Force
๐ฎ๐น
NonOggiCaroMio
2026-06-24 14:57:24
(1 week ago)
Arruso ca si: crowdsecurity/http-sensitive-files
Brute-Force
๐ซ๐ฎ
kumiko
2026-06-24 14:26:05
(1 week ago)
[2026-06-24 17:26:04] Probing for dotfiles
"GET /.env HTTP/1.1" 403
Bad Web Bot
Web App Attack
Anonymous
2026-06-24 14:23:35
(1 week ago)
170.39.216.222 46.39.185.24 - [24/Jun/2026:16:23:34 +0200] "GET /.env HTTP/1.1" 404 158 "-" "Mozilla ...
show more
170.39.216.222 46.39.185.24 - [24/Jun/2026:16:23:34 +0200] "GET /.env HTTP/1.1" 404 158 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Hacking
Web App Attack
๐บ๐ธ
kosada.com
2026-06-24 12:37:34
(1 week ago)
Web exploit attempt:
Web App Attack
๐ซ๐ฎ
YF
2026-06-24 12:00:23
(1 week ago)
Attaque distribuรฉe subnet
DDoS Attack
Web App Attack
Anonymous
2026-06-24 09:46:14
(1 week ago)
Attac
Brute-Force