๐ซ๐ท
LRob
2026-07-09 01:27:29
(14 hours ago)
CrowdSec: crowdsecurity/http-probing | req: ["/tca2c18h5wjb197bomx1xpw9o.html","/1ivpl8pgijo2lki3rpd ...
show more
CrowdSec: crowdsecurity/http-probing | req: ["/tca2c18h5wjb197bomx1xpw9o.html","/1ivpl8pgijo2lki3rpdqdx0k6.php","/ytvbyx3boi0z1qowjs2lk0fsl.html","/.git/config","/.env","/wvr3cvd65oai139dqunemugoy.php","/.env.production","/.env.local","/.env.development","/.env.test","/.env.staging"] | UA: ["Mozilla/5.0 (compatible; pathscan/1.0)"]
show less
Port Scan
Web App Attack
๐ฎ๐ฉ
soc-yk
2026-07-08 22:30:14
(17 hours ago)
Type: suspicious_network_activity
Risk: 100
Events: 103
Evidence:
- Persistent suspicious network a ...
show more
Type: suspicious_network_activity
Risk: 100
Events: 103
Evidence:
- Persistent suspicious network activity detected
- Repeated hostile operational behavior observed
- Multi-event operational persistence identified
- Threat escalation behavior observed
show less
Port Scan
Hacking
๐บ๐ธ
jkcunningham
2026-07-08 22:26:16
(17 hours ago)
Vulnerability scanner. Scans for wordpress filesystem, targets web-application filesystem, pretends ...
show more
Vulnerability scanner. Scans for wordpress filesystem, targets web-application filesystem, pretends referer was target domain, targets os and filesystem.
show less
Web App Attack
Bad Web Bot
Port Scan
๐ฆ๐บ
aranguren.org
2026-07-08 21:52:04
(17 hours ago)
84.247.146.115 - - [09/Jul/2026:07:52:01 +1000] "GET /.env.development HTTP/2.0" 404 995 "-" "Mozill ...
show more
84.247.146.115 - - [09/Jul/2026:07:52:01 +1000] "GET /.env.development HTTP/2.0" 404 995 "-" "Mozilla/5.0 (compatible; pathscan/1.0)"
84.247.146.115 - - [09/Jul/2026:07:52:02 +1000] "GET /.env.test HTTP/2.0" 404 995 "-" "Mozilla/5.0 (compatible; pathscan/1.0)"
84.247.146.115 - - [09/Jul/2026:07:52:02 +1000] "GET /env HTTP/2.0" 404 995 "-" "Mozilla/5.0 (compatible; pathscan/1.0)"
84.247.146.115 - - [09/Jul/2026:07:52:03 +1000] "GET /.env.staging HTTP/2.0" 404 995 "-" "Mozilla/5.0 (compatible; pathscan/1.0)"
84.247.146.115 - - [09/Jul/2026:07:52:03 +1000] "GET /.env.example HTTP/2.0" 404 995 "-" "Mozilla/5.0 (compatible; pathscan/1.0)"
84.247.146.115 - - [09/Jul/2026:07:52:03 +1000] "GET /.env.prod HTTP/2.0" 404 995 "-" "Mozilla/5.0 (compatible; pathscan/1.0)"
...
show less
Bad Web Bot
๐ฌ๐ง
consul.to
2026-07-08 20:10:27
(19 hours ago)
Web attack/malicious scanning detected
Web App Attack
Anonymous
2026-07-08 19:59:56
(19 hours ago)
Web App Attack
๐ฉ๐ช
kkwemi
2026-07-08 19:34:23
(19 hours ago)
Blocked by block-exploit-paths on /.env
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-08 06:47:56
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 84.247.146.115 (vmi3421948.contaboserver.net): ...
show more
(mod_security) mod_security (id:210492) triggered by 84.247.146.115 (vmi3421948.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 02:47:48.599091 2026] [security2:error] [pid 31596:tid 31596] [client 84.247.146.115:53784] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fgrotary.org"] [uri "/wp-config.php.txt"] [unique_id "ak3ylHDsYXFEXvZBTw3ALQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Gwyneth Llewelyn
2026-07-08 06:16:20
(1 day ago)
2026/07/08 07:16:17 [error] 2215#2215: *1331603 access forbidden by rule, client: 84.247.146.115, se ...
show more
2026/07/08 07:16:17 [error] 2215#2215: *1331603 access forbidden by rule, client: 84.247.146.115, server: _, request: "GET /.env HTTP/2.0", host: "[redacted]:8081"
84.247.146.115 - - [08/Jul/2026:07:16:17 +0100] "GET /.env HTTP/2.0" 403 146 "-" "Mozilla/5.0 (compatible; pathscan/1.0)"
2026/07/08 07:16:19 [error] 2215#2215: *1331603 access forbidden by rule, client: 84.247.146.115, server: _, request: "GET /config/.env HTTP/2.0", host: "[redacted]:8081"
show less
Brute-Force
Web App Attack
๐จ๐ฆ
danieljamesbertrand
2026-07-08 04:12:55
(1 day ago)
fail2ban jail=nginx-access-exploit on canadapaywall.com (automatic report; categories 19,21)
Bad Web Bot
Web App Attack
๐บ๐ธ
WellSpring
2026-07-08 02:30:11
(1 day ago)
git exposure on naturologie.com/.git/config โ WellSpr.ing/NetSentinel civic-AI security layer
Web App Attack
๐ฉ๐ช
strzonnek
2026-07-08 01:54:40
(1 day ago)
attack on webform
Brute-Force
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-07 21:59:42
(1 day ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-06.
show less
Web App Attack
SSH
Hacking
๐ฉ๐ช
ghostwarriors
2026-07-07 13:20:05
(2 days ago)
Attempts against non-existent wp-login
Brute-Force
Web App Attack
๐บ๐ธ
WellSpring
2026-07-07 13:05:18
(2 days ago)
env leak on freeproduce.org/api/.env โ WellSpr.ing/NetSentinel civic-AI security layer
Web App Attack