๐ซ๐ท
masterguru
2026-06-12 03:34:31
(1 month ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-196)
Hacking
Web App Attack
๐จ๐ญ
TheCoon
2026-06-11 20:30:01
(1 month ago)
Automated: Credential theft attempt - JSON bomb served
Web App Attack
Hacking
๐ณ๐ฑ
Site.eu
2026-06-11 13:26:25
(1 month ago)
Excessive 404/403 errors
Brute-Force
๐ฌ๐ง
consul.to
2026-06-11 13:21:05
(1 month ago)
Web attack/malicious scanning detected
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-11 06:51:40
(1 month ago)
Excessive multi-domain requests
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-11 05:52:31
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 34.39.192.117 (117.192.39.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:210492) triggered by 34.39.192.117 (117.192.39.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 01:52:26.162416 2026] [security2:error] [pid 20462:tid 20462] [client 34.39.192.117:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.forsaleincr.com"] [uri "/.env.copy"] [unique_id "aipNGuz9Lb2PpLuBlQKXlwAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
updown.io
2026-06-11 03:01:24
(1 month ago)
{"level":"info","ts":1781146883.0460072,"logger":"http.log.access.log1","msg":"handled request","req ...
show more
{"level":"info","ts":1781146883.0460072,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.39.192.117","remote_port":"53974","client_ip":"34.39.192.117","proto":"HTTP/1.1","method":"GET","host":"status.caspit.biz","uri":"/.env.stage","headers":{"Accept-Charset":["utf-8"],"Accept-Encoding":["gzip"],"Connection":["close"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36 OPR/60.0.3255.70"]},"tls":{"resumed":false,"version":772,"cipher_suite":4865,"proto":"","server_name":"status.caspit.biz","ech":false}},"bytes_read":0,"user_id":"","duration":0.000865132,"size":0,"status":429,"resp_headers":{"Server":["Caddy"],"Alt-Svc":["h3=\":443\"; ma=2592000"],"Retry-After":["1"]}}
{"level":"info","ts":1781146883.0464818,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"34.39.192.117","remote_port":"53984","client_ip":"34.39.192.117","proto":"HTTP/1.1","method
...
show less
DDoS Attack
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-10 22:01:35
(1 month ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-09.
show less
Web App Attack
SSH
Hacking
๐ฉ๐ช
tentwentyfour
2026-06-10 15:37:56
(1 month ago)
Blocked for probing for sensitive web application components
Brute-Force
Web App Attack
๐ฉ๐ช
spirttm
2026-06-10 07:40:42
(1 month ago)
34.39.192.117 - - [10/Jun/2026:07:40:41 +0000] "GET /.env HTTP/1.1" 403 125 "-" "Mozilla/5.0 (Symbia ...
show more
34.39.192.117 - - [10/Jun/2026:07:40:41 +0000] "GET /.env HTTP/1.1" 403 125 "-" "Mozilla/5.0 (SymbianOS/9.1; U; en-us) AppleWebKit/413 (KHTML, like Gecko) Safari/413 es65"
34.39.192.117 - - [10/Jun/2026:07:40:41 +0000] "GET /.env.stage HTTP/1.1" 403 186 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
34.39.192.117 - - [10/Jun/2026:07:40:41 +0000] "GET /.env.local HTTP/1.1" 403 125 "-" "Mozilla/5.0 (SymbianOS/9.1; U; en-us) AppleWebKit/413 (KHTML, like Gecko) Safari/413 es65"
34.39.192.117 - - [10/Jun/2026:07:40:41 +0000] "GET /.env.prod HTTP/1.1" 403 186 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.100 Safari/537.36"
34.39.192.117 - - [10/Jun/2026:07:40:41 +0000] "GET /.env.live HTTP/1.1" 403 125 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/12.0.3 Safari/605.1.15"
34.39.192.117 - - [10/Ju
...
show less
Port Scan
Web App Attack
๐ซ๐ฎ
inlink.ltd
2026-06-10 07:26:00
(1 month ago)
dot file probe
Web App Attack
๐ซ๐ท
pm33
2026-06-10 07:16:27
(1 month ago)
Excessive crawling HTTP 404
Web App Attack
Anonymous
2026-06-10 06:20:43
(1 month ago)
34.39.192.117 - - [10/Jun/2026:08:20:40 +0200] "GET /.env.old HTTP/1.1" 403 472 "-" "Mozilla/5.0 (Li ...
show more
34.39.192.117 - - [10/Jun/2026:08:20:40 +0200] "GET /.env.old HTTP/1.1" 403 472 "-" "Mozilla/5.0 (Linux; Android 9; SAMSUNG SM-N950F Build/PPR1.180610.011) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/9.4 Chrome/67.0.3396.87 Mobile Safari/537.36"
34.39.192.117 - - [10/Jun/2026:08:20:40 +0200] "GET /.env.old HTTP/1.1" 403 188 "-" "Mozilla/5.0 (Linux; Android 9; SAMSUNG SM-N950F Build/PPR1.180610.011) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/9.4 Chrome/67.0.3396.87 Mobile Safari/537.36"
34.39.192.117 - - [10/Jun/2026:08:20:40 +0200] "GET /.env.prod.bak HTTP/1.1" 403 472 "-" "Mozilla/5.0 (Linux; Android 9; CPH1859) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36"
34.39.192.117 - - [10/Jun/2026:08:20:40 +0200] "GET /.env.prod.bak HTTP/1.1" 403 188 "-" "Mozilla/5.0 (Linux; Android 9; CPH1859) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.111 Mobile Safari/537.36"
34.39.192.117 - - [10/Jun/2026:08:20:40 +0200] "GET /.env.backup
...
show less
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-10 05:39:42
(1 month ago)
Excessive multi-domain requests
Brute-Force
๐ฉ๐ช
LRob
2026-06-10 00:01:12
(1 month ago)
Apache web server attack detected by Fail2Ban in plesk-apache jail
Web App Attack