๐ณ๐ฑ
homeshowdomain.nl
2026-07-16 22:04:14
(1 day ago)
Auto-ban: >3000 req/min op 2026-07-16
Web App Attack
SSH
Hacking
Anonymous
2026-07-16 08:05:29
(2 days ago)
Blocked: Reason='Vulnerability probing โ PHP scan detected (41/60 min)'; Requests=41
Port Scan
๐บ๐ธ
Lee Daniel
2026-07-16 07:04:41
(2 days ago)
3.135.223.64 - - [16/Jul/2026:03:04:40 -0400] "GET /.env HTTP/1.1" 403 6300 "-" "Mozilla/5.0 (X11; L ...
show more
3.135.223.64 - - [16/Jul/2026:03:04:40 -0400] "GET /.env HTTP/1.1" 403 6300 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
...
show less
DDoS Attack
Web Spam
Email Spam
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 06:40:15
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 3.135.223.64 (ec2-3-135-223-64.us-east-2.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 3.135.223.64 (ec2-3-135-223-64.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 02:40:08.131578 2026] [security2:error] [pid 21776:tid 21776] [client 3.135.223.64:44320] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sportfabrics.jam-pak.com"] [uri "/.git/config"] [unique_id "alh8yPKFxqI_7nK3XzFNJAAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 05:51:11
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 3.135.223.64 (ec2-3-135-223-64.us-east-2.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 3.135.223.64 (ec2-3-135-223-64.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 01:51:03.544481 2026] [security2:error] [pid 20234:tid 20234] [client 3.135.223.64:52692] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.theaccentsnet2019.mainstreetofficesuites.com"] [uri "/.git/config"] [unique_id "alhxR_l-s40wuAotsCeUtwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 03:34:24
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 3.135.223.64 (ec2-3-135-223-64.us-east-2.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 3.135.223.64 (ec2-3-135-223-64.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 23:34:18.635929 2026] [security2:error] [pid 30056:tid 30056] [client 3.135.223.64:44734] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.spittingimagegallery.kathrynmcbride.com"] [uri "/.git/config"] [unique_id "alhROi6H24jQNlhe4IlHlQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Roderic
2026-07-16 03:22:16
(2 days ago)
(mod_security) mod_security triggered on hostname [redacted])
SQL Injection
๐ฉ๐ช
LRob
2026-07-16 03:21:46
(2 days ago)
CrowdSec: crowdsecurity/http-sensitive-files | req: /.env | 5 distinct paths | UA: Mozilla/5.0 (Maci ...
show more
CrowdSec: crowdsecurity/http-sensitive-files | req: /.env | 5 distinct paths | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
show less
Hacking
๐ซ๐ท
dynamix
2026-07-16 03:18:27
(2 days ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
mnsf
2026-07-16 02:05:11
(2 days ago)
Scanning/Probing (32)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 01:13:54
(2 days ago)
(mod_security) mod_security (id:949110) triggered by 3.135.223.64 (ec2-3-135-223-64.us-east-2.comput ...
show more
(mod_security) mod_security (id:949110) triggered by 3.135.223.64 (ec2-3-135-223-64.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 21:13:50.299089 2026] [security2:error] [pid 21816:tid 21816] [client 3.135.223.64:60712] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.tgt.cescfoundation.org"] [uri "/.git/config"] [unique_id "algwTvjQ4lX6IS8vEqI4YwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 22:37:37
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 3.135.223.64 (ec2-3-135-223-64.us-east-2.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 3.135.223.64 (ec2-3-135-223-64.us-east-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 18:37:33.473122 2026] [security2:error] [pid 1860213:tid 1860213] [client 3.135.223.64:49246] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.text.joebankx.com"] [uri "/.git/config"] [unique_id "algLrcR1Jd5JpClTYsCHgQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
lavnet.net
2026-07-15 21:03:26
(3 days ago)
3.135.223.64 - - [15/Jul/2026:21:03:25 +0000] "GET /.git/config HTTP/1.1" 404 2105 "-" "Mozilla/5.0 ...
show more
3.135.223.64 - - [15/Jul/2026:21:03:25 +0000] "GET /.git/config HTTP/1.1" 404 2105 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
3.135.223.64 - - [15/Jul/2026:21:03:25 +0000] "GET /.env HTTP/1.1" 404 2105 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
3.135.223.64 - - [15/Jul/2026:21:03:25 +0000] "GET /.env.local HTTP/1.1" 404 2105 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
3.135.223.64 - - [15/Jul/2026:21:03:25 +0000] "GET /.env.production HTTP/1.1" 404 2105 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
3.135.223.64 - - [15/Jul/2026:21:03:25 +0000] "GET /.env.staging HTTP/1.1" 404 2105 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
3.135.223.64 - - [15/Jul/2026:21:03:25 +0000] "G
...
show less
Brute-Force
๐ง๐ช
cmbplf
2026-07-15 17:31:24
(3 days ago)
2.436 requests with url.path *.env
420 requests with url.path *phpinfo.php
Brute-Force
Bad Web Bot
๐ฎ๐น
VHosting
2026-07-15 15:30:03
(3 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack