๐บ๐ธ
TPI-Abuse
2026-07-17 03:13:32
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.157.10.119 (ec2-35-157-10-119.eu-central-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 35.157.10.119 (ec2-35-157-10-119.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 23:13:28.841921 2026] [security2:error] [pid 187950:tid 187979] [client 35.157.10.119:39612] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fayleuzzi.com.floridarobotics.com"] [uri "/.env"] [unique_id "almd2EG-k92vi38bJtCLxQAAAYc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-17 02:48:33
(12 hours ago)
(caddyscan) Scanner path probe from 35.157.10.119 (DE/Germany/ec2-35-157-10-119.eu-central-1.compute ...
show more
(caddyscan) Scanner path probe from 35.157.10.119 (DE/Germany/ec2-35-157-10-119.eu-central-1.compute.amazonaws.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 35.157.10.119 - - [17/Jul/2026:02:15:13 +0000] "GET /temp/.env HTTP/1.1"
[REDACTED] 200 2627 35.157.10.119 - - [17/Jul/2026:02:48:27 +0000] "GET /.env.template HTTP/1.1"
[REDACTED] 200 2627 35.157.10.119 - - [17/Jul/2026:02:48:28 +0000] "GET /.env.production.local HTTP/1.1"
[REDACTED] 200 2627 35.157.10.119 - - [17/Jul/2026:02:48:28 +0000] "GET /.env.development.local HTTP/1.1"
[REDACTED] 200 2627 35.157.10.119 - - [17/Jul/2026:02:48:28 +0000] "GET /.env.test.local HTTP/1.1"
show less
Port Scan
Anonymous
2026-07-17 02:06:51
(13 hours ago)
Multiple web server 400 error codes from same source ip
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 01:45:33
(13 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.157.10.119 (ec2-35-157-10-119.eu-central-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 35.157.10.119 (ec2-35-157-10-119.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 21:45:27.090249 2026] [security2:error] [pid 10565:tid 10565] [client 35.157.10.119:2932] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cs4kids.org"] [uri "/.env.production.local"] [unique_id "almJN6yG-L6KWBeJI8qrVQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 00:55:40
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.157.10.119 (ec2-35-157-10-119.eu-central-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 35.157.10.119 (ec2-35-157-10-119.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 20:55:34.038988 2026] [security2:error] [pid 53306:tid 53306] [client 35.157.10.119:52378] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "victorvictor.biz"] [uri "/.env.test"] [unique_id "all9hmtiNaUseJVw8MfuQAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-07-17 00:11:12
(15 hours ago)
Web attack/malicious scanning detected
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-07-16 23:48:39
(15 hours ago)
(modsecurity) srv104 ModSecurity 35.157.10.119 (DE/Germany/ec2-35-157-10-119.eu-central-1.compute.am ...
show more
(modsecurity) srv104 ModSecurity 35.157.10.119 (DE/Germany/ec2-35-157-10-119.eu-central-1.compute.amazonaws.com): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐ซ๐ท
masterguru
2026-07-16 22:05:36
(17 hours ago)
URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .backup/ ...
show more
URL file extension is restricted by policy. String match within ".ani/ .asa/ .asax/ .ascx/ .backup/ .bak/ .bat/ .cdx/ .cer/ .cfg/ .cmd/ .com/ .compositefont/ .config/ .conf/ .crt/ .cs/ .csproj/ .csr/ .dat/ .db/ .dbf/ .dist/ .dll/ .dos/ .dpkg-dist/ .drv/ .gadget/ .hta/ .htr/ .htw/ .ida/ .idc/ .idq/ .inc/ .inf/ .ini/ .jse/ .key/ .licx/ .lnk/ .log/ .mdb/ .msc/ .ocx/ .old/ .pass/ .pdb/ .pfx/ .pif/ .pem/ .pol/ .prf/ .printer/ .pwd/ .rdb/ .rdp/ .reg/ .resources/ .resx/ .scr/ .sct/ .shs/ .sql/ .swp/ .sys/ .tlb/ .tmp/ .url/ .vb/ .vbe/ .vbs/ .vbproj/ .vsdisco/ .vxd/ .webinfo/ .ws/ .wsc/ .wsf/ .wsh/ .xsd/ .xsx/" at TX:extension. (920440-195)
show less
Hacking
Anonymous
2026-07-16 21:53:19
(17 hours ago)
Bloqueado automaticamente por CrowdSec escenario crowdsecurity/http-sensitive-files
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-16 20:55:58
(18 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.157.10.119 (ec2-35-157-10-119.eu-central-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 35.157.10.119 (ec2-35-157-10-119.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:55:54.291263 2026] [security2:error] [pid 7615:tid 7694] [client 35.157.10.119:19084] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.agrigrailtech.com"] [uri "/.env.old"] [unique_id "allFWt15dZJOWSNZDvmxaQAAAhE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 20:10:59
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.157.10.119 (ec2-35-157-10-119.eu-central-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 35.157.10.119 (ec2-35-157-10-119.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:10:53.420879 2026] [security2:error] [pid 16380:tid 16380] [client 35.157.10.119:55678] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fireteam.faith"] [uri "/.env.tmp"] [unique_id "alk6zftwy4D_-GJKKG3_RQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 19:55:22
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.157.10.119 (ec2-35-157-10-119.eu-central-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 35.157.10.119 (ec2-35-157-10-119.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:55:15.167658 2026] [security2:error] [pid 4543:tid 4543] [client 35.157.10.119:25336] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "couturebikini.com"] [uri "/api/.env"] [unique_id "alk3I1lNzsM1Hgzrtk5sAgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 19:27:09
(20 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.157.10.119 (ec2-35-157-10-119.eu-central-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 35.157.10.119 (ec2-35-157-10-119.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:27:01.811659 2026] [security2:error] [pid 18416:tid 18416] [client 35.157.10.119:41943] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.feaverslane.com"] [uri "/.env.staging"] [unique_id "alkwhZTV0n7IfNXA0jTqGgAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-07-16 19:15:04
(20 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-16 19:02:10
(20 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack