๐ซ๐ท
omartin
2026-07-07 09:08:23
(3 minutes ago)
Critical Vulnerability Scan detected
Hacking
Brute-Force
Exploited Host
Web App Attack
๐ฉ๐ช
Lino Project
2026-07-07 09:02:42
(8 minutes ago)
94.154.43.186 - - [07/Jul/2026:11:02:39 +0200] "GET /.env HTTP/1.1" 403 5388 "-" "Mozilla/5.0 (Windo ...
show more
94.154.43.186 - - [07/Jul/2026:11:02:39 +0200] "GET /.env HTTP/1.1" 403 5388 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
...
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ด
Abuse Buster
2026-07-07 08:57:45
(13 minutes ago)
94.154.43.186 - [07/Jul/2026:10:57:43 +0200] "GET /.env HTTP/2.0" 403 548 "-" "Mozilla/5.0 (Windows ...
show more
94.154.43.186 - [07/Jul/2026:10:57:43 +0200] "GET /.env HTTP/2.0" 403 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36" Connecting ip: 94.154.43.186 Forwared for: 94.154.43.186
...
show less
Web App Attack
๐ฉ๐ช
ITSNF
2026-07-07 08:55:04
(16 minutes ago)
Blocked by os-abuseipdb; 18 hits, proto=tcp, ports=443
Port Scan
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-07 08:52:21
(19 minutes ago)
(mod_security) mod_security (id:210492) triggered by 94.154.43.186 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 94.154.43.186 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 04:52:14.492623 2026] [security2:error] [pid 16931:tid 16931] [client 94.154.43.186:52588] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "goikopro.com"] [uri "/.env"] [unique_id "aky-PjZQtfbt-wjcBfi3ZgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nationaleventpros.com
2026-07-07 08:45:48
(25 minutes ago)
vulnerability scan
Web App Attack
๐ฎ๐น
Inartis
2026-07-07 08:43:29
(27 minutes ago)
94.154.43.186 - - [07/Jul/2026:10:43:28 +0200] "GET /.env HTTP/1.1" 403 5009 "-" "Mozilla/5.0 (Windo ...
show more
94.154.43.186 - - [07/Jul/2026:10:43:28 +0200] "GET /.env HTTP/1.1" 403 5009 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
...
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
BlueWire Hosting
2026-07-07 08:40:51
(30 minutes ago)
Probing websites for vulnerabilities
Web App Attack
SQL Injection
Anonymous
2026-07-07 08:39:31
(31 minutes ago)
94.154.43.186 - - [07/Jul/2026:08:39:31 +0000] "GET /.env HTTP/1.1" 404 6998 "-" "Mozilla/5.0 (Windo ...
show more
94.154.43.186 - - [07/Jul/2026:08:39:31 +0000] "GET /.env HTTP/1.1" 404 6998 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/147.0.0.0 Safari/537.36"
...
show less
Brute-Force
Web App Attack
๐ฉ๐ช
SMi-Web
2026-07-07 08:35:45
(35 minutes ago)
Blocked by firewall on hugin [443/tcp] | Rule: Blocklist | SPT: 49828 | TTL: 54 | LEN: 308 | TOS: 0x ...
show more
Blocked by firewall on hugin [443/tcp] | Rule: Blocklist | SPT: 49828 | TTL: 54 | LEN: 308 | TOS: 0x00 โข Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
cwytech
2026-07-07 08:33:40
(37 minutes ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/rdg-local-lockdown-high.
Bad Web Bot
Web App Attack
๐ฌ๐ง
Axel
2026-07-07 08:26:01
(45 minutes ago)
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: ...
show more
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: UK-01
show less
Web App Attack
Hacking
SQL Injection
๐ฉ๐ช
MusicLibrary
2026-07-07 08:19:23
(52 minutes ago)
Attempted access to sensitive configuration files (.env, .git, etc.)
Bad Web Bot
Web App Attack
๐ฉ๐ช
Ba-Yu
2026-07-07 08:15:43
(55 minutes ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 08:13:11
(58 minutes ago)
(mod_security) mod_security (id:210492) triggered by 94.154.43.186 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 94.154.43.186 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 04:13:05.077803 2026] [security2:error] [pid 6570:tid 6570] [client 94.154.43.186:45454] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.loriatrading.lucid-events.com"] [uri "/.env"] [unique_id "aky1EQrJZWC93cqKVeUsSAAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack