Anonymous
2026-07-08 09:59:49
(21 hours ago)
Aggressive web scan
Web App Attack
Anonymous
2026-07-08 05:56:00
(1 day ago)
Web App Attack
๐ฎ๐ช
Jim Keir
2026-07-08 05:39:23
(1 day ago)
2026-07-08 05:39:22 194.164.90.230 File scanning, blocking 194.164.90.230 for 5 minutes
Web App Attack
Anonymous
2026-07-08 00:10:37
(1 day ago)
eval-stdin.php
Hacking
Brute-Force
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-07 20:25:04
(1 day ago)
Excessive multi-domain requests
Brute-Force
๐ซ๐ท
LRob
2026-07-07 16:22:07
(1 day ago)
CrowdSec: crowdsecurity/http-sensitive-files | req: ["/.env.bak","/.env.local","/.env.staging","/.en ...
show more
CrowdSec: crowdsecurity/http-sensitive-files | req: ["/.env.bak","/.env.local","/.env.staging","/.env.dev","/.env"] | UA: ["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246"]
show less
Hacking
๐บ๐ธ
ipblock.com
2026-07-07 16:01:00
(1 day ago)
IPBlock protected site ID [4055-d][s=02].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐ฉ๐ช
paissangroup
2026-07-07 15:21:27
(1 day ago)
Multiple WAF Violations
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-07 14:40:23
(1 day ago)
[Wed Jul 08 00:40:23.372165 2026] [security2:error] [pid 263895] [client 194.164.90.230:60890] [clie ...
show more
[Wed Jul 08 00:40:23.372165 2026] [security2:error] [pid 263895] [client 194.164.90.230:60890] [client 194.164.90.230] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.com.au"] [uri "/.env.bak"] [unique_id "ak0P19A1x1bkbJllts_ZiQAAAAg"]
...
show less
Web App Attack
๐ฎ๐ฉ
Incidents Response Neptus Team
2026-07-07 13:19:00
(1 day ago)
Report Abuse IP
Exploited Host
Web App Attack
Hacking
Anonymous
2026-07-07 10:45:21
(1 day ago)
194.164.90.230 - - [07/Jul/2026:12:45:15 +0200] "GET /.env.bak HTTP/1.1" 404 60628 "-" "Mozilla/5.0 ...
show more
194.164.90.230 - - [07/Jul/2026:12:45:15 +0200] "GET /.env.bak HTTP/1.1" 404 60628 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246"
194.164.90.230 - - [07/Jul/2026:12:45:15 +0200] "GET /.env.bak HTTP/1.1" 404 13972 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246"
194.164.90.230 - - [07/Jul/2026:12:45:15 +0200] "GET /.env.local HTTP/1.1" 404 60628 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246"
194.164.90.230 - - [07/Jul/2026:12:45:16 +0200] "GET /.env.local HTTP/1.1" 404 13972 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246"
194.164.90.230 - - [07/Jul/2026:12:45:16 +0200] "GET /.env.production HTTP/1.1" 404 60628 "-" "Mozilla/5.0 (Windows NT 10.0; Win
...
show less
Bad Web Bot
Web App Attack
๐ณ๐ฑ
debestelapp
2026-07-07 10:15:07
(1 day ago)
Web App Attack
Anonymous
2026-07-07 09:34:24
(1 day ago)
fail2ban apache-modsecurity web [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [uri "/.env ...
show more
fail2ban apache-modsecurity web [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [uri "/.env.bak"]
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 09:27:45
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 194.164.90.230 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 194.164.90.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 05:27:37.571254 2026] [security2:error] [pid 30174:tid 30273] [client 194.164.90.230:38294] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "laradioactivitat.com"] [uri "/.env.bak"] [unique_id "akzGieehzwB7QxehiUb4AQAAAkQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
Burayot
2026-07-07 08:37:03
(1 day ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 194.164.90.230 (GB/United Kingdom/-) ...
show more
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 194.164.90.230 (GB/United Kingdom/-): 1 in the last 3600 secs
show less
Web App Attack