๐ฉ๐ช
kjaerulff
2025-09-08 11:29:02
(10 months ago)
Probed for .env vounabilities - 2 times
Web App Attack
Anonymous
2025-09-08 08:14:26
(10 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
๐ฉ๐ช
khost
2025-09-08 06:12:00
(10 months ago)
massive scanning for .env Files
Hacking
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Bedios GmbH
2025-09-07 23:20:29
(10 months ago)
Login credentials theft attempt
Hacking
๐จ๐ฆ
Dunham Support
2025-09-07 17:16:20
(10 months ago)
(mod_security) mod_security triggered on hostname [redacted] 35.181.61.26 (FR/France/ec2-35-181-61-2 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 35.181.61.26 (FR/France/ec2-35-181-61-26.eu-west-3.compute.amazonaws.com)
show less
SQL Injection
๐ฒ๐พ
Rizzy
2025-09-07 15:52:06
(10 months ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ณ๐ฑ
Savvii
2025-09-07 13:50:24
(10 months ago)
34 attempts against mh-misbehave-ban on plum
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-06 23:25:15
(10 months ago)
(mod_security) mod_security (id:210492) triggered by 35.181.61.26 (ec2-35-181-61-26.eu-west-3.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 35.181.61.26 (ec2-35-181-61-26.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 19:25:08.785693 2025] [security2:error] [pid 15139:tid 15139] [client 35.181.61.26:32832] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karieva.com"] [uri "/.env"] [unique_id "aLzC1F4ce_-tzFzFFzjY2AAAAAQ"], referer: https://www.google.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-06 22:54:48
(10 months ago)
(mod_security) mod_security (id:210492) triggered by 35.181.61.26 (ec2-35-181-61-26.eu-west-3.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 35.181.61.26 (ec2-35-181-61-26.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 18:54:41.729985 2025] [security2:error] [pid 7481:tid 7481] [client 35.181.61.26:35990] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karendraughon.com"] [uri "/.env"] [unique_id "aLy7sbk9tycNJxCe-nVMpwAAAAg"], referer: https://www.google.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-09-06 21:31:49
(10 months ago)
(mod_security) mod_security (id:210492) triggered by 35.181.61.26 (ec2-35-181-61-26.eu-west-3.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 35.181.61.26 (ec2-35-181-61-26.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 17:31:42.527936 2025] [security2:error] [pid 6824:tid 6824] [client 35.181.61.26:34972] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "appalachianstomp.com"] [uri "/.env"] [unique_id "aLyoPkOsBpozIX33bUE9lAAAAAk"], referer: https://www.google.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Mario Silber
2025-09-06 20:52:38
(10 months ago)
(mod_security) mod_security triggered on hostname [redacted] 35.181.61.26 (FR/France/ec2-35-181-61-2 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 35.181.61.26 (FR/France/ec2-35-181-61-26.eu-west-3.compute.amazonaws.com)
show less
SQL Injection
๐บ๐ธ
TPI-Abuse
2025-09-06 20:37:28
(10 months ago)
(mod_security) mod_security (id:210492) triggered by 35.181.61.26 (ec2-35-181-61-26.eu-west-3.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 35.181.61.26 (ec2-35-181-61-26.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 16:37:24.536916 2025] [security2:error] [pid 17404:tid 17404] [client 35.181.61.26:41570] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "appalachianfolkmagician.com"] [uri "/.env"] [unique_id "aLybhN1FlNdJHDuMVAkXxQAAABw"], referer: https://www.google.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ช
RoboSOC
2025-09-06 17:37:34
(10 months ago)
phpunit Remote Code Execution Vulnerability, PTR: ec2-35-181-61-26.eu-west-3.compute.amazonaws.com.
Hacking
Anonymous
2025-09-06 15:07:47
(10 months ago)
Multiple web server 400 error codes from same source ip
Web App Attack
๐ณ๐ฑ
BlueWire Hosting
2025-09-06 14:10:34
(10 months ago)
Probing for application vulnerabilities
Brute-Force
Web App Attack