π©πͺ
BlueWire Hosting
2026-07-02 12:10:35
(36 minutes ago)
Probing websites for vulnerabilities
Web App Attack
SQL Injection
π©πͺ
4server
2026-07-02 11:06:13
(1 hour ago)
[ThuJul0213:06:10.5559832026][security2:error][pid2896846:tid2896927][client47.76.233.139:0]ModSecur ...
show more
[ThuJul0213:06:10.5559832026][security2:error][pid2896846:tid2896927][client47.76.233.139:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(\?:/\(\?:\^\|/\)\\\\\\\\.\(env\|git\|svn\|hg\|DS_Store\)\|/\(\?:wp-config\|\\\\\\\\.htaccess\|\\\\\\\\.htpasswd\)\|\\\\\\\\.\(\?:sql\|bak\|old\|log\)\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"cpcontacts.tpgs.ch\"][uri\"/.env.old\"][unique_id\"akZGIvaZQJBUAuKPqlYY0gAAAI4\"]
show less
Port Scan
Brute-Force
Web App Attack
π¦πΊ
2000cn.com.au
2026-07-02 11:02:10
(1 hour ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
πΊπΈ
TPI-Abuse
2026-07-02 10:57:53
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 47.76.233.139 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 47.76.233.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 06:57:48.733424 2026] [security2:error] [pid 3143:tid 3143] [client 47.76.233.139:43080] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.home.theyoungstrategist.com"] [uri "/.env"] [unique_id "akZELCpI40aLH0KqgaNsIgAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π·π΄
iulianh
2026-07-02 10:54:40
(1 hour ago)
80,443
Brute-Force
SSH
π³π±
debestelapp
2026-07-02 10:40:07
(2 hours ago)
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 10:17:03
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 47.76.233.139 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 47.76.233.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 06:17:00.068250 2026] [security2:error] [pid 32035:tid 32035] [client 47.76.233.139:43396] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.moaarmorer.com"] [uri "/.env.production"] [unique_id "akY6nFSI3wavYhdCF05h-wAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¬π§
blik2108
2026-07-02 09:57:01
(2 hours ago)
solentyachtcharter.com:443 47.76.233.139 - - [02/Jul/2026:10:56:17 +0100] "GET /config HTTP/1.1" 404 ...
show more
solentyachtcharter.com:443 47.76.233.139 - - [02/Jul/2026:10:56:17 +0100] "GET /config HTTP/1.1" 404 2066 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
solentyachtcharter.com:443 47.76.233.139 - - [02/Jul/2026:10:56:35 +0100] "GET /config/.env HTTP/1.1" 404 2066 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
solentyachtcharter.com:443 47.76.233.139 - - [02/Jul/2026:10:56:44 +0100] "GET /config.js HTTP/1.1" 404 2066 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
solentyachtcharter.com:443 47.76.233.139 - - [02/Jul/2026:10:56:45 +0100] "GET /config.json HTTP/1.1" 404 2066 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran)"
solentyachtcharter.com:443 47.76.23
...
show less
Brute-Force
Web App Attack
π©πͺ
raph
2026-07-02 09:13:54
(3 hours ago)
[DOT FILES] crawler *.env*, .git*, .config*, etc.
Bad Web Bot
Web App Attack
Anonymous
2026-07-02 09:00:10
(3 hours ago)
Bot / scanning and/or hacking attempts: GET /.env.local HTTP/1.1
Hacking
Web App Attack
Anonymous
2026-07-02 08:58:45
(3 hours ago)
apache-auth
Brute-Force
Web App Attack
π©πͺ
Teufel100
2026-07-02 08:03:21
(4 hours ago)
ModSecurity rejected a query
Brute-Force
Hacking
Web App Attack
πΊπΈ
Matthew Ping
2026-07-02 08:00:02
(4 hours ago)
ModSecurity rule 949110 triggered on dedicated. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
π³π±
e.fierstra
2026-07-02 07:54:57
(4 hours ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
πΊπΈ
Rocky Mountain Bioengineering Symposium
2026-07-02 06:51:05
(5 hours ago)
[Thu Jul 02 00:51:02.956710 2026] [authz_core:error] [pid 67482:tid 140359296333376] [client 47.76.2 ...
show more
[Thu Jul 02 00:51:02.956710 2026] [authz_core:error] [pid 67482:tid 140359296333376] [client 47.76.233.139:39052] AH01630: client denied by server configuration: /var/www/public_html/payments/.env.bak
[Thu Jul 02 00:51:04.202537 2026] [authz_core:error] [pid 67482:tid 140359329904192] [client 47.76.233.139:39052] AH01630: client denied by server configuration: /var/www/public_html/payments/.env.swp
[Thu Jul 02 00:51:04.714877 2026] [authz_core:error] [pid 67482:tid 140360118425152] [client 47.76.233.139:39052] AH01630: client denied by server configuration: /var/www/public_html/payments/.env~
...
show less
Bad Web Bot