๐บ๐ธ
mnsf
2026-07-16 17:07:17
(5 hours ago)
Scanning/Probing (15)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 16:59:18
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 18.236.68.102 (ec2-18-236-68-102.us-west-2.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 18.236.68.102 (ec2-18-236-68-102.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:59:12.970023 2026] [security2:error] [pid 9073:tid 9073] [client 18.236.68.102:52792] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "baystarpartners.com"] [uri "/.git/config"] [unique_id "alkN4E4H__9P7bpGjtG9UAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 15:10:56
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 18.236.68.102 (ec2-18-236-68-102.us-west-2.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 18.236.68.102 (ec2-18-236-68-102.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:10:50.712068 2026] [security2:error] [pid 8718:tid 8718] [client 18.236.68.102:51434] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bayfieldwis.com"] [uri "/.git/config"] [unique_id "alj0etQM2zGAH3W9uiWZEwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 11:43:18
(10 hours ago)
(mod_security) mod_security (id:210492) triggered by 18.236.68.102 (ec2-18-236-68-102.us-west-2.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 18.236.68.102 (ec2-18-236-68-102.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 07:43:09.890660 2026] [security2:error] [pid 21427:tid 21427] [client 18.236.68.102:39094] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bawaselcenter.iahksa.com"] [uri "/.git/config"] [unique_id "aljDzbp6-4coaKwMrPMg5QAAAE8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ช
konseptit
2026-07-16 02:33:09
(19 hours ago)
(mod_security) mod_security triggered on hostname [redacted] 18.236.68.102 (US/United States/ec2-18- ...
show more
(mod_security) mod_security triggered on hostname [redacted] 18.236.68.102 (US/United States/ec2-18-236-68-102.us-west-2.compute.amazonaws.com)
show less
SQL Injection
๐ซ๐ท
Octopuce
2026-07-16 02:13:12
(20 hours ago)
Aggressive web search of vulnerable pages: / /.env /.env.local /app/.env /apps/.env ...
Web App Attack
๐ซ๐ท
โจ
2026-07-16 01:16:08
(21 hours ago)
Domain : bathjewishburialground.org
Rule : env
2026-07-16 01:15:20 ***hidden-privacy*** GET /.env.lo ...
show more
Domain : bathjewishburialground.org
Rule : env
2026-07-16 01:15:20 ***hidden-privacy*** GET /.env.local - 443 - 18.236.68.102 HTTP/1.1 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36 - bathjewishburialground.org 404 0 2 1646 293 140 - -
show less
Hacking
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-16 00:48:33
(21 hours ago)
(mod_security) mod_security (id:210492) triggered by 18.236.68.102 (ec2-18-236-68-102.us-west-2.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 18.236.68.102 (ec2-18-236-68-102.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 20:48:25.860212 2026] [security2:error] [pid 4927:tid 4927] [client 18.236.68.102:32826] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "batesstrategygroup.com"] [uri "/.git/config"] [unique_id "algqWamSPzSNro8RyomKbgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 00:20:06
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 18.236.68.102 (ec2-18-236-68-102.us-west-2.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 18.236.68.102 (ec2-18-236-68-102.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 20:19:58.240320 2026] [security2:error] [pid 17089:tid 17089] [client 18.236.68.102:42630] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "batchovens.net"] [uri "/.git/config"] [unique_id "algjrp0b9yRhklVfiVffFwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-15 22:00:58
(1 day ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-14.
show less
Web App Attack
SSH
Hacking
๐บ๐ฆ
URAN Publishing Service
2026-07-14 21:58:35
(2 days ago)
18.236.68.102 - - [15/Jul/2026:00:58:24 +0300] "GET /.env HTTP/1.1" 404 705 "-" "Mozilla/5.0 (Macint ...
show more
18.236.68.102 - - [15/Jul/2026:00:58:24 +0300] "GET /.env HTTP/1.1" 404 705 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
18.236.68.102 - - [15/Jul/2026:00:58:34 +0300] "GET /app/.env HTTP/1.1" 404 705 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
...
show less
Web App Attack
Anonymous
2026-07-14 19:57:53
(2 days ago)
Multiple web server 400 error codes from same source ip
Web App Attack
๐ฎ๐น
VHosting
2026-07-14 13:15:03
(2 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack