π§π·
dominioz
2026-07-11 02:49:45
(13 minutes ago)
2026-07-11 02:49:06 GET /.env - - 31.56.58.132 HTTP/1.1 Mozilla/5.0+(Ubuntu;+Linux+x86_64)+AppleWebK ...
show more
2026-07-11 02:49:06 GET /.env - - 31.56.58.132 HTTP/1.1 Mozilla/5.0+(Ubuntu;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/130.0.0.0+Safari/537.36 - 404 5305
2026-07-11 02:49:21 GET /.git/config - - 31.56.58.132 HTTP/1.1 Mozilla/5.0+(ZZ;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/137.0.0.0+Safari/537.36 - 404 5319
...
show less
Web App Attack
π«π·
β¨
2026-07-11 02:42:08
(21 minutes ago)
Domain : comunicados-cgt.es
Rule : env
2026-07-11 02:40:31 ***hidden-privacy*** GET /.env - 443 - 31 ...
show more
Domain : comunicados-cgt.es
Rule : env
2026-07-11 02:40:31 ***hidden-privacy*** GET /.env - 443 - 31.56.58.132 HTTP/1.1 Mozilla/5.0 (Debian; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36 - comunicados-cgt.es 301 0 0 566 231 40 - -
show less
Hacking
SQL Injection
Anonymous
2026-07-11 01:20:02
(1 hour ago)
Aggressive web scan
Web App Attack
π§πͺ
cmbplf
2026-07-11 00:43:38
(2 hours ago)
138 requests with url.path *.env
131 requests with url.path *.git/*
Brute-Force
Bad Web Bot
π©πͺ
london2038.com
2026-07-10 21:04:28
(5 hours ago)
Probing for exploits
31.56.58.132 - - [10/Jul/2026:23:03:44 +0200] "GET /.env HTTP/1.1" 422 0 "-" "M ...
show more
Probing for exploits
31.56.58.132 - - [10/Jul/2026:23:03:44 +0200] "GET /.env HTTP/1.1" 422 0 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:65.1) Gecko/20100101 Firefox/65.1"
31.56.58.132 - - [10/Jul/2026:23:04:12 +0200] "GET /.git/config HTTP/1.1" 422 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:1.9.7.20) Gecko/ Firefox/3.8"
show less
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-10 20:05:06
(6 hours ago)
(mod_security) mod_security (id:210492) triggered by 31.56.58.132 (132.as215599.net): 1 in the last ...
show more
(mod_security) mod_security (id:210492) triggered by 31.56.58.132 (132.as215599.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 16:04:59.916744 2026] [security2:error] [pid 19521:tid 19521] [client 31.56.58.132:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "goalsnet.net"] [uri "/.env"] [unique_id "alFQayZgbT0nB8thynSaogAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-10 19:50:32
(7 hours ago)
31.56.58.132 - - [10/Jul/2026:21:50:27 +0200] "GET /.git/config HTTP/1.1" 404 178 "-" "Mozilla/5.0 ( ...
show more
31.56.58.132 - - [10/Jul/2026:21:50:27 +0200] "GET /.git/config HTTP/1.1" 404 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36"
...
show less
Web App Attack
π©πͺ
tall1oN
2026-07-10 19:39:24
(7 hours ago)
31.56.58.132 - - [10/Jul/2026:21:39:23 +0200] "GET /.git/config HTTP/2.0" 200 10820 "-" "Mozilla/5.0 ...
show more
31.56.58.132 - - [10/Jul/2026:21:39:23 +0200] "GET /.git/config HTTP/2.0" 200 10820 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36" "gadget.demons-gaming.cc"
31.56.58.132 - - [10/Jul/2026:21:39:24 +0200] "GET /.env HTTP/2.0" 200 11835 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:1.9.5.20) Gecko/ Firefox/3.6.8" "gadget.demons-gaming.cc"
...
show less
Web App Attack
Port Scan
Hacking
πΊπ¦
URAN Publishing Service
2026-07-10 18:30:53
(8 hours ago)
31.56.58.132 - - [10/Jul/2026:21:24:07 +0300] "GET /.env HTTP/1.1" 404 3279 "-" "Mozilla/5.0 (Macint ...
show more
31.56.58.132 - - [10/Jul/2026:21:24:07 +0300] "GET /.env HTTP/1.1" 404 3279 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6 Safari/605.1.15"
31.56.58.132 - - [10/Jul/2026:21:30:52 +0300] "GET /.env HTTP/1.1" 404 4668 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:128.0) Gecko/20100101 Firefox/128.0"
...
show less
Web App Attack
ππΊ
kranem
2026-07-10 18:00:16
(9 hours ago)
Triggered Cloudflare WAF from FR.
Action taken: BLOCK
ASN: 215599 (Zkillu SAS)
Protocol: HTTP/1.1 (G ...
show more
Triggered Cloudflare WAF from FR.
Action taken: BLOCK
ASN: 215599 (Zkillu SAS)
Protocol: HTTP/1.1 (GET method)
Endpoint: /.env
Timestamp: 2026-07-10T17:11:50Z
User-Agent: Mozilla/5.0 (Macintosh, Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.7 Safari/605.1.15
show less
Bad Web Bot
π«π·
Baking333
2026-07-10 17:57:45
(9 hours ago)
[redacted] 31.56.58.132 - - [10/Jul/2026:18:57:31 +0100] "GET /.git/config HTTP/1.1" 302 6753 0/4936 ...
show more
[redacted] 31.56.58.132 - - [10/Jul/2026:18:57:31 +0100] "GET /.git/config HTTP/1.1" 302 6753 0/49369 "-" "Mozilla/5.0 (X11; Linux i686; rv:1.9.6.20) Gecko/ Firefox/3.6.9" [redacted] 31.56.58.132 - - [10/Jul/2026:18:57:44 +0100] "GET /.env HTTP/1.1" 302 6753 0/62953 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3.1 Safari/605.1.15"
show less
Bad Web Bot
Web App Attack
π§π·
dominioz
2026-07-10 16:37:45
(10 hours ago)
2026-07-10 16:36:46 GET /.env - - 31.56.58.132 HTTP/1.1 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_15 ...
show more
2026-07-10 16:36:46 GET /.env - - 31.56.58.132 HTTP/1.1 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_15_7)+AppleWebKit/605.1.15+(KHTML,+like+Gecko)+Version/16.2+Safari/605.1.15 - 404 5305
2026-07-10 16:37:23 GET /.git/config - - 31.56.58.132 HTTP/1.1 Mozilla/5.0+(Windows+NT+6.2;+Win64;+x64;+rv:109.0)+Gecko/20100101+Firefox/115.0 - 404 5319
2026-07-10 16:37:23 GET /.git/config - - 31.56.58.132 HTTP/1.1 Mozilla/5.0+(Windows+NT+6.2;+Win64;+x64;+rv:109.0)+Gecko/20100101+Firefox/115.0 - 404 5319
...
show less
Web App Attack
πΏπ¦
antman
2026-07-10 14:59:15
(12 hours ago)
csagent: score 20.5: secrets grab x2, 404 noise floor x2; 1 domain(s) in 0s
Web App Attack
Anonymous
2026-07-10 14:58:03
(12 hours ago)
Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1
Hacking
Web App Attack
πΊπΈ
EvilTurkey
2026-07-10 12:33:36
(14 hours ago)
Web app attack against financial institution website.
Web App Attack
Hacking