๐ฌ๐ง
consul.to
2026-07-07 18:45:22
(57 minutes ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
interbiznw.com
2026-07-07 18:25:20
(1 hour ago)
fail2ban-ban
Hacking
Brute-Force
Exploited Host
Web App Attack
Anonymous
2026-07-07 18:17:47
(1 hour ago)
94.154.43.185 - - [07/Jul/2026:18:17:47 +0000] "GET /.env HTTP/1.1" 404 2983 "-" "Mozilla/5.0 (Windo ...
show more
94.154.43.185 - - [07/Jul/2026:18:17:47 +0000] "GET /.env HTTP/1.1" 404 2983 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
MusicLibrary
2026-07-07 17:44:04
(1 hour ago)
Attempted access to sensitive configuration files (.env, .git, etc.)
Bad Web Bot
Web App Attack
๐ณ๐ฑ
javierin
2026-07-07 17:34:09
(2 hours ago)
94.154.43.185 - blogs.javierin.com - - [07/Jul/2026:17:34:08 +0000] "GET /.env HTTP/1.1" 403 177 "-" ...
show more
94.154.43.185 - blogs.javierin.com - - [07/Jul/2026:17:34:08 +0000] "GET /.env HTTP/1.1" 403 177 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
94.154.43.185 - blogs.javierin.com - - [07/Jul/2026:17:34:08 +0000] "GET /.env HTTP/1.1" 403 560 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
...
show less
Web App Attack
Hacking
๐ฉ๐ช
ut-addicted.com
2026-07-07 17:19:28
(2 hours ago)
\[Tue Jul 07 19:19:26.334002 2026\] \[:error\] \[pid 15310:tid 139785748293376\] \[client 94.154.43. ...
show more
\[Tue Jul 07 19:19:26.334002 2026\] \[:error\] \[pid 15310:tid 139785748293376\] \[client 94.154.43.185:45720\] \[client 94.154.43.185\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 5\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "ut-addicted.com"\] \[uri "/.env"\] \[unique_id "ak01HgMwfsBrzFL4oQbFGQAAAQ8"\]
show less
Brute-Force
Web App Attack
๐บ๐ธ
routerjockey
2026-07-07 16:38:00
(3 hours ago)
[sensor1] Observed 18 TCP SYN probes in the past 6 hours [Top port 443/tcp(18x)]
Port Scan
๐ต๐ฑ
miriks
2026-07-07 16:33:29
(3 hours ago)
Automated scan detected: GET /.env โ UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.3 ...
show more
Automated scan detected: GET /.env โ UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
show less
Port Scan
Web App Attack
Anonymous
2026-07-07 16:31:55
(3 hours ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
๐บ๐ฆ
URAN Publishing Service
2026-07-07 16:24:42
(3 hours ago)
94.154.43.185 - - [07/Jul/2026:19:24:41 +0300] "GET /.env HTTP/1.1" 404 4686 "-" "Mozilla/5.0 (Windo ...
show more
94.154.43.185 - - [07/Jul/2026:19:24:41 +0300] "GET /.env HTTP/1.1" 404 4686 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ธ
its101
2026-07-07 15:50:08
(3 hours ago)
Automated detection by LockdownAccess security system. Attack type(s): env_grab. Reason: Nginx: env_ ...
show more
Automated detection by LockdownAccess security system. Attack type(s): env_grab. Reason: Nginx: env_grab attack. Path targeted: unknown. Blocked in Cloudflare.
show less
Web App Attack
๐ณ๐ฑ
ReyhZhao
2026-07-07 15:15:43
(4 hours ago)
Bunkerweb ModSecurity alert: Potential Remote Command Execution (RCE) detected. Unix shell code was ...
show more
Bunkerweb ModSecurity alert: Potential Remote Command Execution (RCE) detected. Unix shell code was identified within the request arguments, triggering a security rule designed to prevent application attacks.
show less
Brute-Force
๐ญ๐บ
kranem
2026-07-07 15:00:19
(4 hours ago)
Triggered Cloudflare WAF from TR.
Action taken: BLOCK
ASN: 219502 (Storm Industries LLC)
Protocol: H ...
show more
Triggered Cloudflare WAF from TR.
Action taken: BLOCK
ASN: 219502 (Storm Industries LLC)
Protocol: HTTP/1.1 (GET method)
Endpoint: /
Timestamp: 2026-07-07T12:54:38Z
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36
show less
Bad Web Bot
๐ฎ๐ช
Jim Keir
2026-07-07 14:53:51
(4 hours ago)
2026-07-07 14:53:50 94.154.43.185 File scanning, blocking 94.154.43.185 for 5 minutes
Web App Attack
๐ซ๐ท
Baking333
2026-07-07 14:44:45
(4 hours ago)
[redacted] 94.154.43.185 - - [07/Jul/2026:15:27:22 +0100] "GET /.env HTTP/1.1" 302 6758 0/43921 "-" ...
show more
[redacted] 94.154.43.185 - - [07/Jul/2026:15:27:22 +0100] "GET /.env HTTP/1.1" 302 6758 0/43921 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" [redacted] 94.154.43.185 - - [07/Jul/2026:15:44:44 +0100] "GET /.env HTTP/1.1" 302 6758 0/43433 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
show less
Bad Web Bot
Web App Attack