๐ฉ๐ช
XICTRON
2026-07-17 15:20:13
(20 minutes ago)
ModSecurity rule violation detected by Fail2Ban
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 12:53:34
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 32.186.185.196 (ec2-32-186-185-196.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 32.186.185.196 (ec2-32-186-185-196.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 08:53:31.185503 2026] [security2:error] [pid 9695:tid 9695] [client 32.186.185.196:49731] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "waynejarvi.com"] [uri "/.env"] [unique_id "aloly8wahpu32_FaJT59ZQAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
zwebvigil
2026-07-17 12:15:18
(3 hours ago)
32.186.185.196 [17/Jul/2026:05:15:16 -0700] "GET /dist/main.js HTTP/1.1" 404 22 "-" port=16116 "Moz ...
show more
32.186.185.196 [17/Jul/2026:05:15:16 -0700] "GET /dist/main.js HTTP/1.1" 404 22 "-" port=16116 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)" "-" "-" "www.<host>" 4649
32.186.185.196 [17/Jul/2026:05:15:16 -0700] "GET /dist/app.js HTTP/1.1" 404 22 "-" port=16116 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)" "-" "-" "www.<host>" 3339
32.186.185.196 [17/Jul/2026:05:15:18 -0700] "GET /dist/bundle.js HTTP/1.1" 404 22 "-" port=17970 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)" "-" "-" "www.<host>" 3187
32.186.185.196 [17/Jul/2026:05:15:18 -0700] "GET /build/static/js/main.js
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 11:09:07
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 32.186.185.196 (ec2-32-186-185-196.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 32.186.185.196 (ec2-32-186-185-196.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 07:09:00.055429 2026] [security2:error] [pid 3914687:tid 3914687] [client 32.186.185.196:52568] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ronelgas.com"] [uri "/temp/.env"] [unique_id "aloNTNcgNyZm174JmJB7-wAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 09:09:01
(6 hours ago)
(mod_security) mod_security (id:210492) triggered by 32.186.185.196 (ec2-32-186-185-196.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 32.186.185.196 (ec2-32-186-185-196.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 05:08:55.624362 2026] [security2:error] [pid 534673:tid 534673] [client 32.186.185.196:51098] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theknowledgemaster.com"] [uri "/.env"] [unique_id "alnxJ9RtZLPVVqFnsgWTSwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 08:49:09
(6 hours ago)
(mod_security) mod_security (id:210492) triggered by 32.186.185.196 (ec2-32-186-185-196.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 32.186.185.196 (ec2-32-186-185-196.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 04:49:02.971406 2026] [security2:error] [pid 12711:tid 12797] [client 32.186.185.196:9204] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oftv.xyz"] [uri "/.env.prod"] [unique_id "alnsfmID80K53uBbKKISeAAAAFc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 08:33:13
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 32.186.185.196 (ec2-32-186-185-196.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 32.186.185.196 (ec2-32-186-185-196.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 04:33:07.612954 2026] [security2:error] [pid 682070:tid 682070] [client 32.186.185.196:62670] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "okeetokee.net"] [uri "/.env"] [unique_id "alnow1vuMT4AJ_8MNJlpTQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-17 08:26:16
(7 hours ago)
(caddyscan) Scanner path probe from 32.186.185.196 (US/United States/ec2-32-186-185-196.us-west-2.co ...
show more
(caddyscan) Scanner path probe from 32.186.185.196 (US/United States/ec2-32-186-185-196.us-west-2.compute.amazonaws.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 32.186.185.196 - - [17/Jul/2026:08:26:13 +0000] "GET /app/.env HTTP/1.1"
[REDACTED] 200 2627 32.186.185.196 - - [17/Jul/2026:08:26:13 +0000] "GET /src/.env HTTP/1.1"
[REDACTED] 200 2627 32.186.185.196 - - [17/Jul/2026:08:26:14 +0000] "GET /config/.env HTTP/1.1"
[REDACTED] 200 2627 32.186.185.196 - - [17/Jul/2026:08:26:14 +0000] "GET /backend/.env HTTP/1.1"
[REDACTED] 200 2627 32.186.185.196 - - [17/Jul/2026:08:26:14 +0000] "GET /frontend/.env HTTP/1.1"
show less
Port Scan
๐บ๐ธ
Matthew Ping
2026-07-17 08:15:02
(7 hours ago)
ModSecurity rule 949110 triggered on cumberland. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking
๐ฎ๐ฉ
Burayot
2026-07-17 07:45:33
(7 hours ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 32.186.185.196 (US/United States/ec2 ...
show more
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 32.186.185.196 (US/United States/ec2-32-186-185-196.us-west-2.compute.amazonaws.com): 1 in the last 3600 secs
show less
Web App Attack
๐ฉ๐ช
ger-stg-sifi1
2026-07-17 06:41:33
(8 hours ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ซ๐ท
masterguru
2026-07-17 05:36:11
(10 hours ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)
Hacking
Web App Attack
๐ต๐ฑ
lns.bz
2026-07-17 05:28:45
(10 hours ago)
Web app attack [PL.Lu]
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 04:44:49
(10 hours ago)
(mod_security) mod_security (id:210492) triggered by 32.186.185.196 (ec2-32-186-185-196.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 32.186.185.196 (ec2-32-186-185-196.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 00:44:42.592127 2026] [security2:error] [pid 239083:tid 239083] [client 32.186.185.196:27010] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.coiledtubingdrilling.com.antech.net"] [uri "/.env.swp"] [unique_id "almzOpNM1GQOFvAf5zfBHwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 04:23:12
(11 hours ago)
(mod_security) mod_security (id:210492) triggered by 32.186.185.196 (ec2-32-186-185-196.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 32.186.185.196 (ec2-32-186-185-196.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 00:23:06.878024 2026] [security2:error] [pid 8918:tid 8918] [client 32.186.185.196:58590] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nataliedenizescott.com"] [uri "/.env.swp"] [unique_id "almuKmT4w6qOfX8xcsLgZwAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack