๐ง๐ช
voormedia
2026-06-06 22:34:48
(3 weeks ago)
Accessed trap at '/.env'
Web App Attack
๐ฌ๐ง
consul.to
2026-06-06 20:57:59
(3 weeks ago)
Web attack/malicious scanning detected
Web App Attack
๐ซ๐ท
Thaliruth
2026-06-06 20:55:26
(3 weeks ago)
[06/Jun/2026:22:55:26.075314 +0200] aiSJPjcHxNmy9nep611TSgAAABM 206.189.180.229 59734 127.0.0.1 7081 ...
show more
[06/Jun/2026:22:55:26.075314 +0200] aiSJPjcHxNmy9nep611TSgAAABM 206.189.180.229 59734 127.0.0.1 7081
...
show less
Hacking
๐ซ๐ท
Guardian
2026-06-05 20:46:38
(3 weeks ago)
Multi abuses [2]: Unauthorized connection attempt / Port scanning (x3), Unauthorized attempt to retr ...
show more
Multi abuses [2]: Unauthorized connection attempt / Port scanning (x3), Unauthorized attempt to retrieve configuration file
206.189.180.229 [05/Jun/2026:20:46:30] "GET / HTTP/1.1"
206.189.180.229 [05/Jun/2026:20:46:31] "GET /_profiler/phpinfo HTTP/1.1"
206.189.180.229 [05/Jun/2026:20:46:32] "GET /_profiler/open?file=config/packages/swiftmailer.yaml HTTP/1.1"
206.189.180.229 [05/Jun/2026:20:46:37] "GET /_profiler/open?file=.env HTTP/1.1"
show less
Port Scan
Web App Attack
๐บ๐ธ
wordpresshosting.solutions
2026-06-05 17:47:49
(3 weeks ago)
Web app vulnerability scanning detected. Evidence: 206.189.180.229 - - [05/Jun/2026:17:47:46 +0000] ...
show more
Web app vulnerability scanning detected. Evidence: 206.189.180.229 - - [05/Jun/2026:17:47:46 +0000] "GET /_profiler/phpinfo HTTP/1.1" 404 40758 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36"
206.189.180.229 - - [05/Jun/2026:17:47:48 +0000] "GET /_profiler/open?file=.env HTTP/1.1" 404 40769 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36"
show less
Web App Attack
๐ต๐ฑ
lns.bz
2026-06-05 07:32:13
(3 weeks ago)
Web app attack [PL.Lu]
Exploited Host
Web App Attack
๐ธ๐ฌ
serverutama
2026-06-05 04:03:04
(3 weeks ago)
Nginx scanner: 206.189.180.229 - - [05/Jun/2026:10:32:38 +0700] "GET /.env HTTP/1.1" 444 0 "-" "Mozi ...
show more
Nginx scanner: 206.189.180.229 - - [05/Jun/2026:10:32:38 +0700] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" "-" 206.189.180.229 - - [05/Jun/2026:10:32:39 +0700] "GET /_profiler/phpinfo HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" "-"
show less
Web App Attack
Bad Web Bot
๐ซ๐ท
Baking333
2026-06-05 03:05:05
(3 weeks ago)
[redacted] 206.189.180.229 - - [05/Jun/2026:04:05:01 +0100] "GET /_profiler/phpinfo HTTP/2.0" 301 30 ...
show more
[redacted] 206.189.180.229 - - [05/Jun/2026:04:05:01 +0100] "GET /_profiler/phpinfo HTTP/2.0" 301 300 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36" [redacted] 206.189.180.229 - - [05/Jun/2026:04:05:02 +0100] "GET /fr/_profiler/phpinfo/ HTTP/2.0" 404 26843 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36"
show less
Bad Web Bot
Web App Attack
๐ง๐ช
voormedia
2026-06-04 23:23:55
(3 weeks ago)
Accessed trap at '/.env'
Web App Attack
๐ง๐ท
vfAcceloReporter
2026-06-04 23:19:08
(3 weeks ago)
206.189.180.229 - - [04/Jun/2026:20:19:07 -0300] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Wind ...
show more
206.189.180.229 - - [04/Jun/2026:20:19:07 -0300] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/122.0.0.0 Safari/537.36"
...
show less
Brute-Force
Web App Attack
Exploited Host
๐จ๐ญ
4server
2026-06-04 22:12:30
(3 weeks ago)
[FriJun0500:12:27.7962952026][security2:error][pid2009118:tid2009790][client206.189.180.229:0]ModSec ...
show more
[FriJun0500:12:27.7962952026][security2:error][pid2009118:tid2009790][client206.189.180.229:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"364\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"aid-consultancy.ch\"][uri\"/.env\"][unique_id\"aiH4S60DCH7f84ip28iu1AAAAIM\"]
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-04 16:58:47
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 206.189.180.229 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 206.189.180.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 12:58:39.880997 2026] [security2:error] [pid 20142:tid 20142] [client 206.189.180.229:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abdulhameeds.art"] [uri "/.env"] [unique_id "aiGuv6oOpV-oUhNede3tVwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-04 03:56:49
(3 weeks ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
๐ฆ๐บ
afleventoffice.com.au
2026-06-04 01:14:29
(3 weeks ago)
GET /.env HTTP/1.1
Web App Attack
Anonymous
2026-06-03 21:04:33
(3 weeks ago)
IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/appsec-vpatch; Action=ban; Events=2; Co ...
show more
IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/appsec-vpatch; Action=ban; Events=2; Country=US; ASN=14061 DIGITALOCEAN-ASN
show less
Hacking