๐ฉ๐ช
big-cloud.nl
2026-07-16 22:31:52
(23 minutes ago)
Try to access /.env
Web App Attack
Anonymous
2026-07-16 21:07:14
(1 hour ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=98
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-16 20:58:14
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 52.34.58.106 (ec2-52-34-58-106.us-west-2.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.34.58.106 (ec2-52-34-58-106.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:58:07.399719 2026] [security2:error] [pid 15551:tid 15551] [client 52.34.58.106:44916] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.title29.itaxcenter.com"] [uri "/server/.env"] [unique_id "allF316CDBY78jQgfxfbQQAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 20:06:24
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.34.58.106 (ec2-52-34-58-106.us-west-2.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.34.58.106 (ec2-52-34-58-106.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:05:54.180480 2026] [security2:error] [pid 11926:tid 11926] [client 52.34.58.106:30866] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thecalls.net"] [uri "/.env"] [unique_id "alk5osYukTgh6ohtVgirNwAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
todix
2026-07-16 20:06:21
(2 hours ago)
Web App Attack Exploid from 52.34.58.106
Web App Attack
๐ณ๐ฑ
myip.foo
2026-07-16 19:34:34
(3 hours ago)
[myip.foo] 52.34.58.106 - - [16/Jul/2026:19:34:33 +0000] "GET /.env.prod HTTP/1.1" 404 148 "-" "Mozi ...
show more
[myip.foo] 52.34.58.106 - - [16/Jul/2026:19:34:33 +0000] "GET /.env.prod HTTP/1.1" 404 148 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 19:29:36
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.34.58.106 (ec2-52-34-58-106.us-west-2.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.34.58.106 (ec2-52-34-58-106.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:29:30.167243 2026] [security2:error] [pid 25471:tid 25471] [client 52.34.58.106:36268] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.feaverslane.com"] [uri "/wp-config.php.old"] [unique_id "alkxGmx4aAtYS0Hh2GzxCQAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-16 19:00:20
(3 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:52:11
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.34.58.106 (ec2-52-34-58-106.us-west-2.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.34.58.106 (ec2-52-34-58-106.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:48:26.758709 2026] [security2:error] [pid 32388:tid 32388] [client 52.34.58.106:59712] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.forum.kleens-uk.com"] [uri "/.env~"] [unique_id "alkneg5HQ5SGvM7ip96qhgAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:25:31
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.34.58.106 (ec2-52-34-58-106.us-west-2.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.34.58.106 (ec2-52-34-58-106.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:25:26.914139 2026] [security2:error] [pid 7176:tid 7176] [client 52.34.58.106:19946] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gsrsv.org"] [uri "/server/.env"] [unique_id "alkiFk9CZ_hvgRzT49OwaQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-16 18:17:01
(4 hours ago)
Restricted File Access Attempt. Matched phrase ".config/" at REQUEST_FILENAME. (930130-196)
Hacking
Web App Attack
Anonymous
2026-07-16 18:11:39
(4 hours ago)
(caddyscan) Scanner path probe from 52.34.58.106 (US/United States/ec2-52-34-58-106.us-west-2.comput ...
show more
(caddyscan) Scanner path probe from 52.34.58.106 (US/United States/ec2-52-34-58-106.us-west-2.compute.amazonaws.com): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 52.34.58.106 - - [16/Jul/2026:18:11:37 +0000] "GET /config/.env HTTP/1.1"
[REDACTED] 200 2627 52.34.58.106 - - [16/Jul/2026:18:11:37 +0000] "GET /backend/.env HTTP/1.1"
[REDACTED] 200 2627 52.34.58.106 - - [16/Jul/2026:18:11:37 +0000] "GET /frontend/.env HTTP/1.1"
[REDACTED] 200 2627 52.34.58.106 - - [16/Jul/2026:18:11:37 +0000] "GET /api/.env HTTP/1.1"
[REDACTED] 200 2627 52.34.58.106 - - [16/Jul/2026:18:11:37 +0000] "GET /server/.env HTTP/1.1"
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-16 17:44:10
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.34.58.106 (ec2-52-34-58-106.us-west-2.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.34.58.106 (ec2-52-34-58-106.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:42:55.396589 2026] [security2:error] [pid 13234:tid 13276] [client 52.34.58.106:20094] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.annacaird.com.iancaird.com"] [uri "/.env.staging"] [unique_id "alkYH2JsOKpnnDkB0xUplgAAAQc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:29:07
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.34.58.106 (ec2-52-34-58-106.us-west-2.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.34.58.106 (ec2-52-34-58-106.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:28:57.618115 2026] [security2:error] [pid 4946:tid 4946] [client 52.34.58.106:10418] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "flutetroupeofyakima.org"] [uri "/.env.tmp"] [unique_id "alkU2SlIwFwDohw2iZ4DRwAAACg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 16:56:18
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.34.58.106 (ec2-52-34-58-106.us-west-2.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.34.58.106 (ec2-52-34-58-106.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:56:10.961722 2026] [security2:error] [pid 15903:tid 15903] [client 52.34.58.106:28544] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.skincare.kalosgroups.com"] [uri "/.env.production.local"] [unique_id "alkNKsa3J_-RCM4cn252KgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack