๐ฉ๐ช
4server
2026-07-02 11:06:08
(11 hours ago)
[ThuJul0213:06:04.4739442026][security2:error][pid2896846:tid2896919][client47.86.227.194:0]ModSecur ...
show more
[ThuJul0213:06:04.4739442026][security2:error][pid2896846:tid2896919][client47.86.227.194:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\(\?i\)\(\?:/\(\?:\^\|/\)\\\\\\\\.\(env\|git\|svn\|hg\|DS_Store\)\|/\(\?:wp-config\|\\\\\\\\.htaccess\|\\\\\\\\.htpasswd\)\|\\\\\\\\.\(\?:sql\|bak\|old\|log\)\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"www.miotrentino.it\"][uri\"/.env.old\"][unique_id\"akZGHPaZQJBUAuKPqlYYrgAAAIY\"]
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 11:05:32
(11 hours ago)
(mod_security) mod_security (id:210492) triggered by 47.86.227.194 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 47.86.227.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 07:05:28.090203 2026] [security2:error] [pid 17785:tid 17785] [client 47.86.227.194:55276] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bluespringssports.com.johnandramonadunn.com"] [uri "/.env"] [unique_id "akZF-P6mTrnQ-l6jTG1qCgAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
daveoctober
2026-07-02 11:01:59
(11 hours ago)
October Sentinel: honeypot triggered
Bad Web Bot
Web App Attack
๐ฎ๐น
ciccio diddo
2026-07-02 10:47:35
(12 hours ago)
High Burst multiple 40X port:Tcp/80,443
Brute-Force
Web App Attack
๐บ๐ธ
Matthew Ping
2026-07-02 10:45:02
(12 hours ago)
ModSecurity rule 949110 triggered on d865. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
๐ซ๐ท
dynamix
2026-07-02 10:37:22
(12 hours ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
stypr
2026-07-02 10:21:07
(12 hours ago)
Malicious activity detected on HTTP/HTTPS
Hacking
Brute-Force
Web App Attack
๐ฉ๐ช
Gwyneth Llewelyn
2026-07-02 09:49:59
(13 hours ago)
2026/07/02 10:49:55 [error] 1094874#1094874: *2818005 access forbidden by rule, client: 47.86.227.19 ...
show more
2026/07/02 10:49:55 [error] 1094874#1094874: *2818005 access forbidden by rule, client: 47.86.227.194, server: betatechnologies.info, request: "GET /app/.env HTTP/2.0", host: "betatechnologies.info"
2026/07/02 10:49:56 [error] 1094874#1094874: *2818047 access forbidden by rule, client: 47.86.227.194, server: betatechnologies.info, request: "GET /src/.env HTTP/2.0", host: "betatechnologies.info"
2026/07/02 10:49:58 [error] 1094874#1094874: *2818039 access forbidden by rule, client: 47.86.227.194, server: betatechnologies.info, request: "GET /config/.env HTTP/2.0", host: "betatechnologies.info"
show less
Brute-Force
Web App Attack
๐ฉ๐ช
SCHAPPY
2026-07-02 09:38:43
(13 hours ago)
Malicious activity from IP detected: crowdsecurity/http-sensitive-files.
Web App Attack
Hacking
๐บ๐ธ
9LEVEL.com.br
2026-07-02 09:24:25
(13 hours ago)
Blocked by Fail2ban for traefik-404 abuse
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 09:07:11
(13 hours ago)
(mod_security) mod_security (id:210492) triggered by 47.86.227.194 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 47.86.227.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 05:07:05.793917 2026] [security2:error] [pid 8399:tid 8399] [client 47.86.227.194:51458] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.blog.needtoorder.com"] [uri "/.env.production"] [unique_id "akYqOZFLpGVs6I17WOc5lwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-02 08:46:56
(14 hours ago)
[Thu Jul 02 18:46:55.742883 2026] [security2:error] [pid 489312] [client 47.86.227.194:50276] [clien ...
show more
[Thu Jul 02 18:46:55.742883 2026] [security2:error] [pid 489312] [client 47.86.227.194:50276] [client 47.86.227.194] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "stkildashule.org.au"] [uri "/.env.production"] [unique_id "akYlf-R4VWAp64yygx___AAAAAY"]
...
show less
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-02 08:38:13
(14 hours ago)
Excessive multi-domain requests
Brute-Force
๐ณ๐ฑ
debestelapp
2026-07-02 08:35:07
(14 hours ago)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 08:15:16
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 47.86.227.194 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 47.86.227.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 04:15:09.471048 2026] [security2:error] [pid 13245:tid 13245] [client 47.86.227.194:37924] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wildflowerartfarm.com"] [uri "/.env"] [unique_id "akYeDVsKnUYvkpETcUGPJgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack