๐บ๐ธ
TPI-Abuse
2026-07-17 01:44:18
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.52.190.22 (ec2-52-52-190-22.us-west-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.52.190.22 (ec2-52-52-190-22.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 21:44:13.878460 2026] [security2:error] [pid 19362:tid 19362] [client 52.52.190.22:51746] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cs4kids.org"] [uri "/.env.local"] [unique_id "almI7S2JnuusCnhxohxaAgAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 01:22:48
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.52.190.22 (ec2-52-52-190-22.us-west-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.52.190.22 (ec2-52-52-190-22.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 21:22:40.937587 2026] [security2:error] [pid 20508:tid 20508] [client 52.52.190.22:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abdulhameeds.art"] [uri "/.env"] [unique_id "almD4Jg_YR2H6RF_irsH_gAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
myintarweb
2026-07-17 01:00:46
(2 hours ago)
52.52.190.22 - - [17/Jul/2026:02:00:45 +0100] 443 "GET /wp-config.php.bak HTTP/1.1" 301 7032 "-" "Mo ...
show more
52.52.190.22 - - [17/Jul/2026:02:00:45 +0100] 443 "GET /wp-config.php.bak HTTP/1.1" 301 7032 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)"
52.52.190.22 - - [17/Jul/2026:02:00:45 +0100] 443 "GET /wp-config.php.old HTTP/1.1" 301 1718 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)"
...
show less
Hacking
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-17 00:43:38
(3 hours ago)
Try to access /src/.env
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-17 00:26:25
(3 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ณ๐ฑ
thedreamer.nl
2026-07-16 23:36:30
(4 hours ago)
52.52.190.22 - - [17/Jul/2026:01:36:01 +0200] "GET /.env.save HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Wi ...
show more
52.52.190.22 - - [17/Jul/2026:01:36:01 +0200] "GET /.env.save HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)" "US" "San Jose" "37.33880" "-121.89160"
52.52.190.22 - - [17/Jul/2026:01:36:01 +0200] "GET /.env.old HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)" "US" "San Jose" "37.33880" "-121.89160"
52.52.190.22 - - [17/Jul/2026:01:36:02 +0200] "GET /.env.bak HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)" "US" "San Jose" "37.33880" "-121.89160"
52.52.190.22 - - [17/Jul/2026:01:36:02 +0200] "GET /.env.tmp HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT
...
show less
Brute-Force
Bad Web Bot
Anonymous
2026-07-16 22:12:07
(5 hours ago)
Multiple web server 400 error codes from same source ip
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-16 22:06:11
(5 hours ago)
Auto-ban: >3000 req/min op 2026-07-16
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-16 20:43:35
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.52.190.22 (ec2-52-52-190-22.us-west-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.52.190.22 (ec2-52-52-190-22.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 16:43:28.110104 2026] [security2:error] [pid 26255:tid 26255] [client 52.52.190.22:56466] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "noshsf.com"] [uri "/.env.production"] [unique_id "allCcOn8pAu8lOygEa1wwAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 19:55:19
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.52.190.22 (ec2-52-52-190-22.us-west-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.52.190.22 (ec2-52-52-190-22.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:55:10.823320 2026] [security2:error] [pid 4543:tid 4543] [client 52.52.190.22:48882] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "luxurymicrobikini.com"] [uri "/.env.save"] [unique_id "alk3HllNzsM1Hgzrtk5sAQAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 19:26:33
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.52.190.22 (ec2-52-52-190-22.us-west-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.52.190.22 (ec2-52-52-190-22.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:26:25.868849 2026] [security2:error] [pid 21166:tid 21166] [client 52.52.190.22:6018] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.feaverslane.com"] [uri "/.env"] [unique_id "alkwYcDWtSbDgSjW9Y9QLQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-07-16 19:05:03
(8 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:47:19
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.52.190.22 (ec2-52-52-190-22.us-west-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.52.190.22 (ec2-52-52-190-22.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:47:11.845227 2026] [security2:error] [pid 25842:tid 25842] [client 52.52.190.22:57212] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iostation.com"] [uri "/.env"] [unique_id "alknL4BJj42JZuPYD8khmQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 18:23:46
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.52.190.22 (ec2-52-52-190-22.us-west-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.52.190.22 (ec2-52-52-190-22.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 14:23:43.079849 2026] [security2:error] [pid 5883:tid 5883] [client 52.52.190.22:9780] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gsrsv.org"] [uri "/.env.test"] [unique_id "alkhrxjpV1U5QBIRb20cvwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nyt
2026-07-16 18:08:25
(9 hours ago)
WP Config Probe
Web App Attack