๐ฟ๐ฆ
conure
2026-07-13 12:02:23
(16 hours ago)
csagent: score 20.5: secrets grab x2, 404 noise floor x2; 1 domain(s) in 0s
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 05:27:34
(23 hours ago)
(mod_security) mod_security (id:210492) triggered by 47.236.20.56 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 47.236.20.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 01:27:26.852922 2026] [security2:error] [pid 28782:tid 28782] [client 47.236.20.56:37626] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.thegoldreserve.com"] [uri "/.git/config"] [unique_id "alR3PrPxZtxrG0HuG-456gAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 04:50:20
(23 hours ago)
(mod_security) mod_security (id:210492) triggered by 47.236.20.56 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 47.236.20.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 00:50:15.496690 2026] [security2:error] [pid 11281:tid 11281] [client 47.236.20.56:43810] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.globalsolutions.technology"] [uri "/.git/config"] [unique_id "alRuh_NnzdJiVbf7URMDlQAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฟ๐ฆ
conure
2026-07-13 04:32:20
(1 day ago)
csagent: score 17.5: secrets grab x2, 404 noise floor x2; 1 domain(s) in 1m0s
Web App Attack
๐ง๐ช
voormedia
2026-07-13 04:25:09
(1 day ago)
Accessed trap at '/.git/config'
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 04:19:22
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 47.236.20.56 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 47.236.20.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 00:19:17.668160 2026] [security2:error] [pid 21914:tid 21914] [client 47.236.20.56:60018] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "newhopepetgrooming.com"] [uri "/.git/config"] [unique_id "alRnRSWrHyjPpmHCnDMCAgAAADc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 03:57:42
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 47.236.20.56 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 47.236.20.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 23:57:36.286277 2026] [security2:error] [pid 6355:tid 6355] [client 47.236.20.56:51360] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leadinglogan.com"] [uri "/.git/config"] [unique_id "alRiMIk_cd3rp6NACoDRtgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-13 03:57:04
(1 day ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)
Hacking
Web App Attack
๐ฎ๐ฉ
penjaga BRIN
2026-07-13 03:49:27
(1 day ago)
Suspicious malicious activity
Hacking
๐ณ๐ฑ
BlueWire Hosting
2026-07-13 03:48:01
(1 day ago)
Probing websites for vulnerabilities
Web App Attack
๐ง๐ช
voormedia
2026-07-13 03:43:27
(1 day ago)
Accessed trap at '/.env'
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 03:25:20
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 47.236.20.56 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 47.236.20.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 23:25:17.242607 2026] [security2:error] [pid 28762:tid 28762] [client 47.236.20.56:48400] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ggisoft.com"] [uri "/.env"] [unique_id "alRanVuIy0Sv1okycqWRkwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
UnixPrime
2026-07-13 02:50:44
(1 day ago)
47.236.20.56 - - [13/Jul/2026:04:50:37 +0200] "GET /.env HTTP/1.1" 404 4126 "-" "Mozilla/5.0 (Macint ...
show more
47.236.20.56 - - [13/Jul/2026:04:50:37 +0200] "GET /.env HTTP/1.1" 404 4126 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36"
47.236.20.56 - - [13/Jul/2026:04:50:44 +0200] "GET /.git/config HTTP/1.1" 404 4131 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:120.0) Gecko/20100101 Firefox/120.0"
...
show less
Bad Web Bot
Web App Attack
๐ฌ๐ง
gurnip
2026-07-13 02:25:57
(1 day ago)
Vulnerability probe of page /.env, not found on server.
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 02:22:31
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 47.236.20.56 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 47.236.20.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 22:22:22.357000 2026] [security2:error] [pid 2637951:tid 2637951] [client 47.236.20.56:59074] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "acctusa.net"] [uri "/.env"] [unique_id "alRL3nxp8aA07Gf-ooEPXwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack