๐บ๐ธ
TPI-Abuse
2026-07-17 14:04:03
(24 minutes ago)
(mod_security) mod_security (id:210492) triggered by 13.56.142.121 (ec2-13-56-142-121.us-west-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 13.56.142.121 (ec2-13-56-142-121.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 10:04:00.128839 2026] [security2:error] [pid 796122:tid 796122] [client 13.56.142.121:37894] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beta.instagenii.com"] [uri "/.env.backup"] [unique_id "alo2UKRCIBt-WQ3GDrJB3wAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-17 11:51:07
(2 hours ago)
Excessive multi-domain requests
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-17 11:21:21
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 13.56.142.121 (ec2-13-56-142-121.us-west-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 13.56.142.121 (ec2-13-56-142-121.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 07:21:16.370047 2026] [security2:error] [pid 27331:tid 27331] [client 13.56.142.121:34934] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.forms.kanata.ws"] [uri "/.env.swp"] [unique_id "aloQLNuMO5SKXwGHpt7K5QAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-17 11:07:13
(3 hours ago)
Bot / seems abusive / Apache connections: 22
DDoS Attack
Web Spam
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 10:48:26
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 13.56.142.121 (ec2-13-56-142-121.us-west-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 13.56.142.121 (ec2-13-56-142-121.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 06:48:21.554240 2026] [security2:error] [pid 6190:tid 6190] [client 13.56.142.121:56980] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "twixmixy.com"] [uri "/.env"] [unique_id "aloIddX-MfBlKgSkHpJWjgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-07-17 10:05:12
(4 hours ago)
Abuse Detected (15)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 08:03:09
(6 hours ago)
(mod_security) mod_security (id:210492) triggered by 13.56.142.121 (ec2-13-56-142-121.us-west-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 13.56.142.121 (ec2-13-56-142-121.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 04:03:04.461368 2026] [security2:error] [pid 11052:tid 11052] [client 13.56.142.121:55470] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "80corvette.com"] [uri "/.env"] [unique_id "alnhuFer1BN-rpo6qrHQEQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 07:35:14
(6 hours ago)
(mod_security) mod_security (id:210492) triggered by 13.56.142.121 (ec2-13-56-142-121.us-west-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 13.56.142.121 (ec2-13-56-142-121.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 03:35:08.947075 2026] [security2:error] [pid 423631:tid 423631] [client 13.56.142.121:57126] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "samcdevitt.com"] [uri "/.env.prod"] [unique_id "alnbLGb6eONcWZQJ2yQlhgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Baking333
2026-07-17 07:02:02
(7 hours ago)
[redacted] 13.56.142.121 - - [17/Jul/2026:08:02:00 +0100] "GET /home/ec2-user/.aws/credentials HTTP/ ...
show more
[redacted] 13.56.142.121 - - [17/Jul/2026:08:02:00 +0100] "GET /home/ec2-user/.aws/credentials HTTP/1.1" 302 6742 0/56161 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://[redacted]; +https://[redacted])" [redacted] 13.56.142.121 - - [17/Jul/2026:08:02:01 +0100] "GET /home/node/.aws/credentials HTTP/1.1" 302 1499 0/71578 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://[redacted]; +https://[redacted])"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 06:58:58
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 13.56.142.121 (ec2-13-56-142-121.us-west-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 13.56.142.121 (ec2-13-56-142-121.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 02:58:50.589465 2026] [security2:error] [pid 10067:tid 10067] [client 13.56.142.121:34822] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ourcritterguy.azcrittergetter.com"] [uri "/.env.development"] [unique_id "alnSqtOsYD-cNf-8I8dnGAAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 06:31:25
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 13.56.142.121 (ec2-13-56-142-121.us-west-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 13.56.142.121 (ec2-13-56-142-121.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 02:31:21.839231 2026] [security2:error] [pid 13912:tid 13912] [client 13.56.142.121:40582] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.asiancommoditiescorporation.com"] [uri "/.env.production"] [unique_id "alnMOdtkjGpHWOFnALWYWwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-17 06:24:53
(8 hours ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-201)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 05:37:24
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 13.56.142.121 (ec2-13-56-142-121.us-west-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 13.56.142.121 (ec2-13-56-142-121.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 01:37:19.931082 2026] [security2:error] [pid 415163:tid 415163] [client 13.56.142.121:33716] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arcontractingservices.com"] [uri "/.env.local"] [unique_id "alm_j1Pxolerrh8_2GZrQgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-17 05:30:08
(8 hours ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 03:10:40
(11 hours ago)
(mod_security) mod_security (id:210492) triggered by 13.56.142.121 (ec2-13-56-142-121.us-west-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 13.56.142.121 (ec2-13-56-142-121.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 23:10:33.213735 2026] [security2:error] [pid 18979:tid 18979] [client 13.56.142.121:40554] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.timelord2067.com"] [uri "/.env.development"] [unique_id "almdKU1iZJ8OvRbJlO6jNAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack