๐บ๐ธ
TPI-Abuse
2026-07-17 01:46:48
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.52.138.196 (ec2-52-52-138-196.us-west-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 52.52.138.196 (ec2-52-52-138-196.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 21:46:45.027560 2026] [security2:error] [pid 26537:tid 26537] [client 52.52.138.196:57042] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cs4kids.org"] [uri "/server/.env"] [unique_id "almJhX3rT9Vf96ZOI45omgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 00:04:06
(5 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.52.138.196 (ec2-52-52-138-196.us-west-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 52.52.138.196 (ec2-52-52-138-196.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 20:04:01.077130 2026] [security2:error] [pid 27153:tid 27153] [client 52.52.138.196:50446] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "naghmehfarahmand.com"] [uri "/.env.save"] [unique_id "allxcWvXnKRoBsRrN1OjiQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Aetherweb Ark
2026-07-16 23:51:37
(6 hours ago)
(mod_security) mod_security (id:949110) triggered by 52.52.138.196 (US/United States/ec2-52-52-138-1 ...
show more
(mod_security) mod_security (id:949110) triggered by 52.52.138.196 (US/United States/ec2-52-52-138-196.us-west-1.compute.amazonaws.com): N in the last X secs
show less
Web App Attack
๐ง๐พ
lns.bz
2026-07-16 23:11:57
(6 hours ago)
.env scanning [BY]
Web App Attack
Anonymous
2026-07-16 23:05:58
(6 hours ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=151
Hacking
๐ฉ๐ช
Ba-Yu
2026-07-16 22:51:26
(7 hours ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
๐ฉ๐ช
LRob
2026-07-16 22:43:38
(7 hours ago)
CrowdSec: crowdsecurity/http-probing | req: /application-prod.properties | 11 distinct paths | UA: M ...
show more
CrowdSec: crowdsecurity/http-probing | req: /application-prod.properties | 11 distinct paths | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love;
show less
Port Scan
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-16 22:10:09
(7 hours ago)
Excessive multi-domain requests
Brute-Force
๐ณ๐ฑ
homeshowdomain.nl
2026-07-16 21:59:35
(7 hours ago)
Auto-ban: >3000 req/min op 2026-07-16
Web App Attack
SSH
Hacking
๐ฒ๐พ
Rizzy
2026-07-16 21:53:27
(8 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ฉ๐ช
todix
2026-07-16 21:34:38
(8 hours ago)
WebAttack or semilar from 52.52.138.196
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 20:57:02
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.52.138.196 (ec2-52-52-138-196.us-west-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 52.52.138.196 (ec2-52-52-138-196.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:56:59.087116 2026] [security2:error] [pid 7615:tid 7701] [client 52.52.138.196:37478] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.agrigrailtech.com"] [uri "/public/.env"] [unique_id "allFm915dZJOWSNZDvmx8QAAAhg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 20:41:58
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.52.138.196 (ec2-52-52-138-196.us-west-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 52.52.138.196 (ec2-52-52-138-196.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:41:52.300149 2026] [security2:error] [pid 5617:tid 5617] [client 52.52.138.196:56616] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ridgecrestrealtors.com"] [uri "/.env.development.local"] [unique_id "allCEJvgBk-dHph7NDuMnwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 20:25:47
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.52.138.196 (ec2-52-52-138-196.us-west-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 52.52.138.196 (ec2-52-52-138-196.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:25:42.269095 2026] [security2:error] [pid 9159:tid 9177] [client 52.52.138.196:57236] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maestrosoler.com"] [uri "/client/.env"] [unique_id "alk-Ru-AMu3aDfsKm9oHYgAAAI0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-16 20:11:39
(9 hours ago)
Multiple WAF Violations
Web App Attack