๐ฌ๐ง
consul.to
2026-07-14 18:44:04
(35 minutes ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 17:05:52
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.53.235.86 (ec2-52-53-235-86.us-west-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.53.235.86 (ec2-52-53-235-86.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 13:05:46.651012 2026] [security2:error] [pid 19548:tid 19548] [client 52.53.235.86:53823] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sailyourkayak.com"] [uri "/.env"] [unique_id "alZsaqWqAgcpy1Fb0I7U2QAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 16:27:11
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.53.235.86 (ec2-52-53-235-86.us-west-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.53.235.86 (ec2-52-53-235-86.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 12:27:05.756865 2026] [security2:error] [pid 1416:tid 1416] [client 52.53.235.86:60350] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "terrybeachmusic.com"] [uri "/.env"] [unique_id "alZjWfEjXuKTF9dMwA3ILAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐น
Subnet Shadow Specter
2026-07-14 14:39:49
(4 hours ago)
[Activity Alert] Abusive automated scraping detected in violation of crawl depth limits. IP automati ...
show more
[Activity Alert] Abusive automated scraping detected in violation of crawl depth limits. IP automatically blocked and banned. [User-Agent]: python-requests/2.34.2. [OS]: Unknown. [IP Address]: 52.53.235.86. [IoA Datetime]: 2026-07-14 14:26:56 UTC.
show less
Bad Web Bot
Hacking
Port Scan
Web App Attack
๐ฎ๐ฉ
zam
2026-07-14 11:20:34
(7 hours ago)
52.53.235.86 - - [14/Jul/2026:11:20:30 +0000] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.p ...
show more
52.53.235.86 - - [14/Jul/2026:11:20:30 +0000] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 236
show less
Web App Attack
๐บ๐ธ
nyt
2026-07-14 09:05:30
(10 hours ago)
Sensitive File Probe
Web App Attack
๐จ๐ญ
Origon
2026-07-14 08:07:56
(11 hours ago)
CVE-2017-9841 - IP: 52.53.235.86 - time="2026-07-14T10:07:56+02:00" level=info msg="(555f66b4f6a745 ...
show more
CVE-2017-9841 - IP: 52.53.235.86 - time="2026-07-14T10:07:56+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/CVE-2017-9841 by ip 52.53.235.86 (US/16509) : 4h ban on Ip 52.53.235.86" module=db
show less
Web App Attack
๐ฎ๐ฉ
Burayot
2026-07-14 07:31:55
(11 hours ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 52.53.235.86 (US/United States/ec2- ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 52.53.235.86 (US/United States/ec2-52-53-235-86.us-west-1.compute.amazonaws.com): 1 in the last 3600 secs
show less
Web App Attack
๐ง๐ช
voormedia
2026-07-14 06:30:24
(12 hours ago)
Accessed trap at '/.env'
Web App Attack
Anonymous
2026-07-14 06:16:17
(13 hours ago)
52.53.235.86 patrz.eu - [14/Jul/2026:08:16:15 +0200] "GET /.env HTTP/1.1" 301 0 "-" "Mozilla/5.0 (Li ...
show more
52.53.235.86 patrz.eu - [14/Jul/2026:08:16:15 +0200] "GET /.env HTTP/1.1" 301 0 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 04:22:16
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.53.235.86 (ec2-52-53-235-86.us-west-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.53.235.86 (ec2-52-53-235-86.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 00:22:10.396751 2026] [security2:error] [pid 26088:tid 26088] [client 52.53.235.86:52582] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "humans2humans.org"] [uri "/.env"] [unique_id "alW5ciEoP5Q9J4IybcffXQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Baking333
2026-07-13 23:45:25
(19 hours ago)
[redacted] 52.53.235.86 - - [14/Jul/2026:00:45:22 +0100] "GET /.env HTTP/1.1" 301 582 0/359 "-" "Moz ...
show more
[redacted] 52.53.235.86 - - [14/Jul/2026:00:45:22 +0100] "GET /.env HTTP/1.1" 301 582 0/359 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" [redacted] 52.53.235.86 - - [14/Jul/2026:00:45:23 +0100] "GET /.env HTTP/1.1" 302 6798 0/63250 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30"
show less
Bad Web Bot
Web App Attack
๐ณ๐ด
jad-abuse
2026-07-13 22:31:16
(20 hours ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe, phpunit_rce. Observed by 1 sensor(s); 3 hits.
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 22:28:34
(20 hours ago)
(mod_security) mod_security (id:210492) triggered by 52.53.235.86 (ec2-52-53-235-86.us-west-1.comput ...
show more
(mod_security) mod_security (id:210492) triggered by 52.53.235.86 (ec2-52-53-235-86.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 18:28:29.022133 2026] [security2:error] [pid 14766:tid 14766] [client 52.53.235.86:55303] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hl-re.com"] [uri "/.env"] [unique_id "alVmjVMFX2SxG_J3rJh3YwAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-13 21:59:25
(21 hours ago)
Auto-ban: >3000 req/min op 2026-07-13
Web App Attack
SSH
Hacking