๐ณ๐ฑ
homeshowdomain.nl
2026-07-18 22:02:51
(14 hours ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-17.
show less
Web App Attack
SSH
Hacking
๐ช๐ธ
pipeline.es
2026-07-18 02:52:35
(1 day ago)
Web scanning / probing for vulnerable paths | URL: /.env.dev | Evidence: www.crucerofluvial.com 34.2 ...
show more
Web scanning / probing for vulnerable paths | URL: /.env.dev | Evidence: www.crucerofluvial.com 34.219.125.181 - - [18/Jul/2026:04:51:31 +0200] \"GET /.env.dev HTTP/1.1\" 404 4815 \"-\" \"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36\" GEOIP_COUNTRY_CODE=US | ASN: AMAZON-02 | Country: US
show less
Port Scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 00:43:21
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 34.219.125.181 (ec2-34-219-125-181.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 34.219.125.181 (ec2-34-219-125-181.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 20:43:18.493665 2026] [security2:error] [pid 1054:tid 1054] [client 34.219.125.181:37660] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hjaltihjalmarsson.com"] [uri "/.git/config"] [unique_id "all6pgvd1m0NYKbUHVlhMgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Aetherweb Ark
2026-07-16 18:54:57
(2 days ago)
(mod_security) mod_security (id:949110) triggered by 34.219.125.181 (US/United States/ec2-34-219-125 ...
show more
(mod_security) mod_security (id:949110) triggered by 34.219.125.181 (US/United States/ec2-34-219-125-181.us-west-2.compute.amazonaws.com): N in the last X secs
show less
Web App Attack
๐บ๐ธ
bigscoots.com
2026-07-16 15:22:50
(2 days ago)
(PERMBLOCK) 34.219.125.181 (US/United States/ec2-34-219-125-181.us-west-2.compute.amazonaws.com) has ...
show more
(PERMBLOCK) 34.219.125.181 (US/United States/ec2-34-219-125-181.us-west-2.compute.amazonaws.com) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: 1; Trigger: LF_PERMBLOCK_COUNT; Logs:
show less
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-16 13:55:37
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 34.219.125.181 (ec2-34-219-125-181.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 34.219.125.181 (ec2-34-219-125-181.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 09:55:33.174312 2026] [security2:error] [pid 15592:tid 15592] [client 34.219.125.181:34852] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.cityviewsportsbar.com"] [uri "/.git/config"] [unique_id "alji1aZwJTj0uDGuuZnU6AAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-07-16 13:40:03
(2 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ช๐ธ
alferez
2026-07-16 12:36:21
(2 days ago)
Searching .(env|sql|zip|tar|rar) files
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
mnsf
2026-06-17 00:37:32
(1 month ago)
Abuse Detected (8)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 23:34:28
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 34.219.125.181 (ec2-34-219-125-181.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 34.219.125.181 (ec2-34-219-125-181.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 19:34:24.748663 2026] [security2:error] [pid 826:tid 826] [client 34.219.125.181:43244] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mysticbitchsalon.com"] [uri "/.git/config"] [unique_id "ajHdgI8MpvX9IHlrBgkYhwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 22:46:14
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 34.219.125.181 (ec2-34-219-125-181.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 34.219.125.181 (ec2-34-219-125-181.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 18:46:09.666702 2026] [security2:error] [pid 31442:tid 31442] [client 34.219.125.181:39552] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mysticalparadise.com"] [uri "/.git/config"] [unique_id "ajHSMSwFy2K9aJF-rAdIngAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ถ๐ฆ
CB Infosec
2025-08-17 06:19:00
(11 months ago)
Scanning 22 destination ip with a total hits of 44
Port Scan