Anonymous
2026-06-09 16:01:22
(2 weeks ago)
/.env.swp
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-08 21:59:48
(3 weeks ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-07.
show less
Web App Attack
SSH
Hacking
Anonymous
2026-06-08 18:22:01
(3 weeks ago)
/.env.example.swp
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-06-08 15:06:24
(3 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐ท๐บ
Reaper
2026-06-08 13:25:01
(3 weeks ago)
HEAD /.env.backup
Web App Attack
๐ช๐ธ
el-brujo
2026-06-08 12:32:47
(3 weeks ago)
Cloudflare WAF: Request Path: /.env.staging.swp Request Query: Host: foro.elhacker.net userAgent: M ...
show more
Cloudflare WAF: Request Path: /.env.staging.swp Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (compatible; WhiteWebSecurity/1.0; +https://whitewebsecurity.com; [email protected] ) Action: block Source: firewallManaged ASN Description: HostRoyale Technologies Pvt Ltd Country: BR Method: HEAD Timestamp: 2026-06-08T12:32:47Z ruleId: c04705c7adee4ce3a763bd5e18135e0c. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB).
show less
Hacking
SQL Injection
Web App Attack
๐ซ๐ท
Donovan
2026-06-08 12:18:27
(3 weeks ago)
Web scan/exploit blocked by fail2ban on commitshift.fr - jail: npm-scan - 1 attempt(s)
Web App Attack
๐ซ๐ท
bazter.pro
2026-06-08 12:07:04
(3 weeks ago)
Auto-Ban [2026-06-08 15:06:53]: CRITICAL: .env attack; DC: HostRoyale Technologies Pvt Ltd [Paths: 2 ...
show more
Auto-Ban [2026-06-08 15:06:53]: CRITICAL: .env attack; DC: HostRoyale Technologies Pvt Ltd [Paths: 28] | Details: Exploit trap paths: /wp/wp-config.php, /.aws/credentials, /.env.php.swp, /backup.sql, /.env.local | Sensitive files/paths: /.local_settings.py.swp, /wp/wp-config.php, /.aws/credentials, /.docker/config.json, /.env.php.swp | 404 errors (25): /backup.sql, /wp/wp-config.php, /db_connect.php, /.docker/config.json, /settings/production.py, /.env.local, /.circleci/config.yml, /.local_settings.py.swp, /secrets.php.swp, /.secrets.json (and 14 more) | Other paths: /config/database.php, /Jenkinsfile, /app/etc/env.php, /web.config
show less
Web App Attack
Hacking
๐ฌ๐ง
ISPLtd
2026-06-08 11:17:40
(3 weeks ago)
188.208.108.180 [08/Jun/2026:08:17:20 -0300] claire.target.domain:443 URL:/.env.staging.swp "HEAD /. ...
show more
188.208.108.180 [08/Jun/2026:08:17:20 -0300] claire.target.domain:443 URL:/.env.staging.swp "HEAD /.env.staging.swp
188.208.108.180 [08/Jun/2026:08:17:39 -0300] target.domain:80 URL:/.htaccess.swp "GET /.htaccess.swp
...
show less
Hacking
Web App Attack
๐ซ๐ท
Dechavanne
2026-06-08 11:00:16
(3 weeks ago)
WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail
Web App Attack
๐ซ๐ฎ
as211431.net
2026-06-08 10:58:46
(3 weeks ago)
Triggered Cloudflare WAF (linkMaze) from BR.
Action taken: LINK_MAZE_INJECTED
Protocol: HTTP/1.1 (HE ...
show more
Triggered Cloudflare WAF (linkMaze) from BR.
Action taken: LINK_MAZE_INJECTED
Protocol: HTTP/1.1 (HEAD method)
Endpoint: /context.xml
UA: Mozilla/5.0 (compatible; WhiteWebSecurity/1.0; +https://whitewebsecurity.com; [email protected] )
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ซ๐ท
omartin
2026-06-08 10:49:20
(3 weeks ago)
Critical Vulnerability Scan detected
Hacking
Brute-Force
Exploited Host
Web App Attack
๐ซ๐ท
ISPLtd
2026-06-08 10:37:31
(3 weeks ago)
188.208.108.180 [08/Jun/2026:07:35:48 -0300] gloria.target.domain:80 URL:/.wp-config.php.swp "HEAD / ...
show more
188.208.108.180 [08/Jun/2026:07:35:48 -0300] gloria.target.domain:80 URL:/.wp-config.php.swp "HEAD /.wp-config.php.swp
188.208.108.180 [08/Jun/2026:07:37:29 -0300] gloria.target.domain:80 URL:/.env.save "HEAD /.env.save
...
show less
Hacking
Web App Attack
๐ซ๐ท
sthoyer.de
2026-06-08 10:29:42
(3 weeks ago)
188.208.108.180 - - [08/Jun/2026:12:26:33 +0200] "HEAD /.env.local.swp HTTP/1.1" 302 - "-" "Mozilla/ ...
show more
188.208.108.180 - - [08/Jun/2026:12:26:33 +0200] "HEAD /.env.local.swp HTTP/1.1" 302 - "-" "Mozilla/5.0 (compatible; WhiteWebSecurity/1.0; +https://whitewebsecurity.com; [email protected] )"
188.208.108.180 - - [08/Jun/2026:12:28:47 +0200] "HEAD /blog/wp-config.php HTTP/1.1" 302 - "-" "Mozilla/5.0 (compatible; WhiteWebSecurity/1.0; +https://whitewebsecurity.com; [email protected] )"
188.208.108.180 - - [08/Jun/2026:12:29:40 +0200] "HEAD /application-production.properties HTTP/1.1" 302 - "-" "Mozilla/5.0 (compatible; WhiteWebSecurity/1.0; +https://whitewebsecurity.com; [email protected] )"
...
show less
Web App Attack
๐ซ๐ท
dwmp
2026-06-08 10:18:46
(3 weeks ago)
[08/Jun/2026:12:14:54.575919 +0200] aiaWHjGB3l1sD0vyj@JYPwAAAJQ 188.208.108.180 60290 38.242.227.117 ...
show more
[08/Jun/2026:12:14:54.575919 +0200] aiaWHjGB3l1sD0vyj@JYPwAAAJQ 188.208.108.180 60290 38.242.227.117 7081
[08/Jun/2026:12:16:00.629117 +0200] aiaWYDGB3l1sD0vyj@JYbAAAAIE 188.208.108.180 60610 38.242.227.117 7081
[08/Jun/2026:12:18:44.426554 +0200] aiaXBDGB3l1sD0vyj@JYnAAAAIQ 188.208.108.180 32882 38.242.227.117 7081
...
show less
Brute-Force
SSH