๐ณ๐ฑ
Site.eu
2026-07-18 04:48:32
(17 hours ago)
Excessive multi-domain requests
Brute-Force
๐จ๐ฟ
ptlab
2026-07-18 04:45:07
(17 hours ago)
Detected env_leak attack from WP-host.
Hacking
Web App Attack
๐ฉ๐ช
hchristo
2026-07-18 03:30:35
(18 hours ago)
[Sat Jul 18 05:30:34.191307 2026] [proxy_fcgi:error] [pid 43676:tid 43748] [client 3.85.23.236:56640 ...
show more
[Sat Jul 18 05:30:34.191307 2026] [proxy_fcgi:error] [pid 43676:tid 43748] [client 3.85.23.236:56640] AH01071: Got error 'Primary script unknown\n'
[Sat Jul 18 05:30:34.376695 2026] [proxy_fcgi:error] [pid 43676:tid 43745] [client 3.85.23.236:56640] AH01071: Got error 'Primary script unknown\n'
[Sat Jul 18 05:30:34.561376 2026] [proxy_fcgi:error] [pid 43676:tid 43750] [client 3.85.23.236:56640] AH01071: Got error 'Primary script unknown\n'
[Sat Jul 18 05:30:34.743769 2026] [proxy_fcgi:error] [pid 43676:tid 43765] [client 3.85.23.236:56640] AH01071: Got error 'Primary script unknown\n'
[Sat Jul 18 05:30:34.927497 2026] [proxy_fcgi:error] [pid 43676:tid 43770] [client 3.85.23.236:56640] AH01071: Got error 'Primary script unknown\n'
...
show less
Brute-Force
๐ฉ๐ช
Nevermind
2026-07-18 00:48:48
(21 hours ago)
3.85.23.236 - - [18/Jul/2026:02:48:47 +0200] "GET /.git/config HTTP/1.1" 403 5673 "-" "Mozilla/5.0 ( ...
show more
3.85.23.236 - - [18/Jul/2026:02:48:47 +0200] "GET /.git/config HTTP/1.1" 403 5673 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
3.85.23.236 - - [18/Jul/2026:02:48:47 +0200] "GET /.env HTTP/1.1" 403 5673 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
3.85.23.236 - - [18/Jul/2026:02:48:47 +0200] "GET /.env.local HTTP/1.1" 403 5673 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
3.85.23.236 - - [18/Jul/2026:02:48:47 +0200] "GET /.env.production HTTP/1.1" 403 5673 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 00:33:17
(21 hours ago)
(mod_security) mod_security (id:210492) triggered by 3.85.23.236 (ec2-3-85-23-236.compute-1.amazonaw ...
show more
(mod_security) mod_security (id:210492) triggered by 3.85.23.236 (ec2-3-85-23-236.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 20:33:13.053177 2026] [security2:error] [pid 18841:tid 18841] [client 3.85.23.236:37890] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "falero.net"] [uri "/.git/config"] [unique_id "alrJyXRol0aaFKo5c_ir_QAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-17 22:00:17
(1 day ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-16.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-17 01:13:24
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 3.85.23.236 (ec2-3-85-23-236.compute-1.amazonaw ...
show more
(mod_security) mod_security (id:210492) triggered by 3.85.23.236 (ec2-3-85-23-236.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 21:13:18.195747 2026] [security2:error] [pid 9389:tid 9603] [client 3.85.23.236:33012] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "learndoexplore.com"] [uri "/.git/config"] [unique_id "almBrk8lVUMlbI-RMqoMugAAANc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 20:28:22
(2 days ago)
Fail2Ban: ModSecurity detected a web application attack.
Bad Web Bot
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-07-16 19:57:35
(2 days ago)
3.85.23.236 - - [16/Jul/2026:22:57:25 +0300] "GET /.env HTTP/1.1" 404 705 "-" "Mozilla/5.0 (Windows ...
show more
3.85.23.236 - - [16/Jul/2026:22:57:25 +0300] "GET /.env HTTP/1.1" 404 705 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
3.85.23.236 - - [16/Jul/2026:22:57:34 +0300] "GET /app/.env HTTP/1.1" 404 705 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐ฎ๐น
VHosting
2026-07-16 13:15:03
(2 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ซ๐ท
masterguru
2026-07-16 12:34:04
(2 days ago)
Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-201)
Hacking
Web App Attack