๐ณ๐ฑ
homeshowdomain.nl
2026-07-17 22:00:32
(2 hours ago)
Auto-ban: >3000 req/min op 2026-07-17
Web App Attack
SSH
Hacking
๐ฉ๐ช
LRob
2026-07-17 16:05:41
(8 hours ago)
CrowdSec: crowdsecurity/http-sensitive-files | req: /.aws/credentials | 5 distinct paths | UA: Mozil ...
show more
CrowdSec: crowdsecurity/http-sensitive-files | req: /.aws/credentials | 5 distinct paths | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love;
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-17 15:45:13
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 192.144.133.5 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 192.144.133.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 11:45:06.593766 2026] [security2:error] [pid 9115:tid 9115] [client 192.144.133.5:65318] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.makegoodsausage.com.cajunfriedturkey.com"] [uri "/.env"] [unique_id "alpOAqdOlLr0mEYcJtiz4QAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
WeCloudit-Anti-Abuse
2026-07-17 15:16:14
(9 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-probing
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-17 13:13:09
(11 hours ago)
(mod_security) mod_security (id:210492) triggered by 192.144.133.5 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 192.144.133.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 09:13:01.909430 2026] [security2:error] [pid 829863:tid 829863] [client 192.144.133.5:58649] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.newhopepetgrooming.leonardodecaprio.com"] [uri "/.env"] [unique_id "aloqXd8uNQV3urhCm4fTvAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 12:29:06
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 192.144.133.5 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 192.144.133.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 08:29:00.936580 2026] [security2:error] [pid 10543:tid 10543] [client 192.144.133.5:58643] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mchen-arch.com"] [uri "/.env"] [unique_id "alogDDTeAllPrvh0TGsrPwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-17 11:57:01
(12 hours ago)
(caddyscan) Scanner path probe from 192.144.133.5 (CN/China/-): 5 in the last 3600 secs; Ports: *; D ...
show more
(caddyscan) Scanner path probe from 192.144.133.5 (CN/China/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 192.144.133.5 - - [17/Jul/2026:11:56:51 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 192.144.133.5 - - [17/Jul/2026:11:56:51 +0000] "GET /.env.local HTTP/1.1"
[REDACTED] 200 2627 192.144.133.5 - - [17/Jul/2026:11:56:53 +0000] "GET /.env.production HTTP/1.1"
[REDACTED] 200 2627 192.144.133.5 - - [17/Jul/2026:11:56:54 +0000] "GET /.env.development HTTP/1.1"
[REDACTED] 200 2627 192.144.133.5 - - [17/Jul/2026:11:56:58 +0000] "GET /.env.dev HTTP/1.1"
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-17 11:48:18
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 192.144.133.5 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 192.144.133.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 07:48:14.690476 2026] [security2:error] [pid 4259:tid 4259] [client 192.144.133.5:50658] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "grayhost.net"] [uri "/.env~"] [unique_id "aloWfsAu6VoAT42TEhI2sAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 11:07:41
(13 hours ago)
(mod_security) mod_security (id:210492) triggered by 192.144.133.5 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 192.144.133.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 07:07:33.659524 2026] [security2:error] [pid 11074:tid 11074] [client 192.144.133.5:52708] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pcga.golf"] [uri "/.env.backup"] [unique_id "aloM9QAdQjn7Thj-7Q2Z-wAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-17 10:59:59
(13 hours ago)
Excessive multi-domain requests
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-17 09:51:48
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 192.144.133.5 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 192.144.133.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 05:51:41.024261 2026] [security2:error] [pid 22480:tid 22480] [client 192.144.133.5:58588] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ellavandeven.com"] [uri "/.env.staging"] [unique_id "aln7LQAFGZw0U-2hdV9hGgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
breubit
2026-07-17 09:03:29
(15 hours ago)
192.144.133.5 - - [17/Jul/2026:11:03:29 +0200] "GET /app/.env HTTP/1.1" 403 499 "-" "Mozilla/5.0 (Wi ...
show more
192.144.133.5 - - [17/Jul/2026:11:03:29 +0200] "GET /app/.env HTTP/1.1" 403 499 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 08:38:11
(16 hours ago)
(mod_security) mod_security (id:210492) triggered by 192.144.133.5 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 192.144.133.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 04:38:06.207987 2026] [security2:error] [pid 3755061:tid 3755061] [client 192.144.133.5:49365] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.diydivaslv.andiamocomputers.com"] [uri "/.env.old"] [unique_id "alnp7g37y-PG_312fN8k1AAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 07:39:22
(16 hours ago)
(mod_security) mod_security (id:210492) triggered by 192.144.133.5 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 192.144.133.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 03:39:14.456049 2026] [security2:error] [pid 27003:tid 27067] [client 192.144.133.5:63061] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oceanstatecollision.com"] [uri "/.env"] [unique_id "alncIpRyhXpmlI7uhRJ7WAAAAJQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-17 07:04:54
(17 hours ago)
(mod_security) mod_security triggered on hostname [redacted])
SQL Injection