πΉπ·
baku.hosting
2026-07-18 00:29:01
(6 hours ago)
CSF Auto Report: (cpanel) Failed cPanel login from 34.208.37.191 (US/United States/ec2-34-208-37-191 ...
show more
CSF Auto Report: (cpanel) Failed cPanel login from 34.208.37.191 (US/United States/ec2-34-208-37-191.us-west-2.compute.amazonaws.com): 4 in the last 3600 secs
show less
Brute-Force
Web App Attack
π³π±
homeshowdomain.nl
2026-07-17 22:05:04
(8 hours ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-16.
show less
Web App Attack
SSH
Hacking
π©πͺ
R.G.
2026-07-17 06:29:19
(1 day ago)
(ScanningForFiles) Scanning for files triggerd 34.208.37.191 (US/United States/ec2-34-208-37-191.us- ...
show more
(ScanningForFiles) Scanning for files triggerd 34.208.37.191 (US/United States/ec2-34-208-37-191.us-west-2.compute.amazonaws.com): 10 in the last 900 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
π¨π¦
zXero
2026-07-17 01:20:23
(1 day ago)
Fail2Ban automatic report - jail: no-wordpress
Brute-Force
SSH
DDoS Attack
ππΊ
DumaNet
2026-07-17 01:00:00
(1 day ago)
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 16. 18:58:52
Source IP: 34.208 ...
show more
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 16. 18:58:52
Source IP: 34.208.37.191
Portion of the log(s):
34.208.37.191 - [16/Jul/2026:18:58:52 +0200] "GET /phpinfo.php HTTP/1.1" 404 27 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
34.208.37.191 - [16/Jul/2026:18:58:52 +0200] "GET /.env.neon HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
34.208.37.191 - [16/Jul/2026:18:58:52 +0200] "GET /.env.supabase HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
34.208.37.191 - [16/Jul/2026:18:58:51 +0200] "GET /.env.vercel HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
34.208.37.191 - [16/Jul/2026:18:58:51 +0200] "GET /.env.render
show less
Web App Attack
ππΊ
DumaNet
2026-07-17 00:42:00
(1 day ago)
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 16. 18:48:15
Source IP: 34.208 ...
show more
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 16. 18:48:15
Source IP: 34.208.37.191
Portion of the log(s):
34.208.37.191 - [16/Jul/2026:18:48:15 +0200] "GET /panel/.env HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
34.208.37.191 - [16/Jul/2026:18:48:15 +0200] "GET /dashboard/.env HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
34.208.37.191 - [16/Jul/2026:18:48:15 +0200] "GET /portal/.env HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
34.208.37.191 - [16/Jul/2026:18:48:15 +0200] "GET /local/.env HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
34.208.37.191 - [16/Jul/2026:18:48:15 +0200] "GET /sbin/.env
show less
Web App Attack
ππΊ
DumaNet
2026-07-17 00:24:00
(1 day ago)
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 16. 18:37:39
Source IP: 34.208 ...
show more
Web app attack attempts, scanning for vulnerability.
Date: 2026 Jul 16. 18:37:39
Source IP: 34.208.37.191
Portion of the log(s):
34.208.37.191 - [16/Jul/2026:18:37:39 +0200] "GET /.env.save HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
34.208.37.191 - [16/Jul/2026:18:37:39 +0200] "GET /.env.backup HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
34.208.37.191 - [16/Jul/2026:18:37:38 +0200] "GET /.env.remote HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
34.208.37.191 - [16/Jul/2026:18:37:38 +0200] "GET /.env.test HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
34.208.37.191 - [16/Jul/2026:18:37:38 +0200] "GET /.env.develop
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 22:45:06
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 34.208.37.191 (ec2-34-208-37-191.us-west-2.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 34.208.37.191 (ec2-34-208-37-191.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 18:44:58.587010 2026] [security2:error] [pid 10550:tid 10550] [client 34.208.37.191:48112] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "filmpolis.com"] [uri "/.git/config"] [unique_id "alle6qb6Ib64hw7tqcHBWAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 21:38:21
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 34.208.37.191 (ec2-34-208-37-191.us-west-2.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 34.208.37.191 (ec2-34-208-37-191.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 17:38:16.795325 2026] [security2:error] [pid 26291:tid 26307] [client 34.208.37.191:55230] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sherwoo1.aafm.us"] [uri "/.git/config"] [unique_id "allPSD1MfOQEGqIPfIaPfQAAAIw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-16 20:25:27
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 34.208.37.191 (ec2-34-208-37-191.us-west-2.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 34.208.37.191 (ec2-34-208-37-191.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:25:20.346335 2026] [security2:error] [pid 6722:tid 6722] [client 34.208.37.191:39134] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.urrguide.com.coolingsprings.org"] [uri "/.git/config"] [unique_id "alk-MGuxDwGnJzYmzgp_8QAAAFI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
Site.eu
2026-07-16 16:43:44
(1 day ago)
Excessive 404/403 errors
Brute-Force
πΊπ¦
URAN Publishing Service
2026-07-16 15:59:45
(1 day ago)
34.208.37.191 - - [16/Jul/2026:18:59:28 +0300] "GET /.env HTTP/1.1" 404 705 "-" "Mozilla/5.0 (Macint ...
show more
34.208.37.191 - - [16/Jul/2026:18:59:28 +0300] "GET /.env HTTP/1.1" 404 705 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
34.208.37.191 - - [16/Jul/2026:18:59:43 +0300] "GET /app/.env HTTP/1.1" 404 705 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
...
show less
Web App Attack