๐ณ๐ฑ
homeshowdomain.nl
2026-07-16 22:01:42
(18 hours ago)
Auto-ban: >3000 req/min op 2026-07-16
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-16 19:59:12
(20 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.200.54.80 (80.54.200.35.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 35.200.54.80 (80.54.200.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:59:07.880967 2026] [security2:error] [pid 32101:tid 32101] [client 35.200.54.80:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.c2cservices.com"] [uri "/backup/.env"] [unique_id "alk4CwcA8j9bQdHe2SkAZAAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
Origon
2026-07-16 19:43:35
(20 hours ago)
http-sensitive-files - IP: 35.200.54.80 - time="2026-07-16T21:43:35+02:00" level=info msg="(555f66b ...
show more
http-sensitive-files - IP: 35.200.54.80 - time="2026-07-16T21:43:35+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 35.200.54.80 (JP/396982) : 4h ban on Ip 35.200.54.80" module=db
show less
Web App Attack
๐ฎ๐น
VHosting
2026-07-16 19:15:04
(20 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:54:06
(21 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.200.54.80 (80.54.200.35.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 35.200.54.80 (80.54.200.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:53:57.097546 2026] [security2:error] [pid 32662:tid 32662] [client 35.200.54.80:63708] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iostation.com"] [uri "/wp-config.php.save"] [unique_id "alkoxf_uHGfrJx2UMX1AoQAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-16 18:11:01
(21 hours ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-196)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:45:28
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.200.54.80 (80.54.200.35.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 35.200.54.80 (80.54.200.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:44:21.990090 2026] [security2:error] [pid 13235:tid 13322] [client 35.200.54.80:59038] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.eafm.org.aafm.us"] [uri "/server/.env"] [unique_id "alkYdfTO6a-gTz5dq_utzgAAAY4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:29:53
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.200.54.80 (80.54.200.35.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 35.200.54.80 (80.54.200.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:29:43.991245 2026] [security2:error] [pid 7608:tid 7608] [client 35.200.54.80:63795] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vincetronics.com"] [uri "/.envrc"] [unique_id "alkVB0bYB41ABh_6G7uyFQAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 17:14:26
(22 hours ago)
Multiple web server 400 error codes from same source ip
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 16:59:35
(23 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.200.54.80 (80.54.200.35.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 35.200.54.80 (80.54.200.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:59:27.741459 2026] [security2:error] [pid 1360:tid 1360] [client 35.200.54.80:61101] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pacificintermountain.com"] [uri "/.env.bak"] [unique_id "alkN72vk4G4EChiXmXH27wAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 16:40:53
(23 hours ago)
(mod_security) mod_security (id:210492) triggered by 35.200.54.80 (80.54.200.35.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 35.200.54.80 (80.54.200.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:40:45.023816 2026] [security2:error] [pid 6029:tid 6029] [client 35.200.54.80:54397] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fastr-wellington.com"] [uri "/.env.backup"] [unique_id "alkJjXikJyvGh0bzWdUnQAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 15:17:28
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 35.200.54.80 (80.54.200.35.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 35.200.54.80 (80.54.200.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:16:15.443675 2026] [security2:error] [pid 8247:tid 8247] [client 35.200.54.80:51934] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.test.aiamur.com"] [uri "/.env.production.local"] [unique_id "alj1vy8D9OI-bDUBVHBntgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 14:59:23
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 35.200.54.80 (80.54.200.35.bc.googleusercontent ...
show more
(mod_security) mod_security (id:210492) triggered by 35.200.54.80 (80.54.200.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 10:59:19.861825 2026] [security2:error] [pid 13888:tid 13888] [client 35.200.54.80:65241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "itsopossum.flyingdodostudio.com"] [uri "/web/.env"] [unique_id "aljxxzztVWDJb855a0Df7wAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack