๐ณ๐ฑ
homeshowdomain.nl
2026-07-17 22:03:51
(10 hours ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-07-16.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-17 01:11:13
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 52.8.55.215 (ec2-52-8-55-215.us-west-1.compute. ...
show more
(mod_security) mod_security (id:210492) triggered by 52.8.55.215 (ec2-52-8-55-215.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 21:11:05.474835 2026] [security2:error] [pid 59114:tid 59114] [client 52.8.55.215:60194] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jodstar.com"] [uri "/config/.env"] [unique_id "almBKZ62NCAc7bCVg929qgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Rip
2026-07-17 01:04:04
(1 day ago)
Automated reconnaissance against web infrastructure.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 00:55:09
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 52.8.55.215 (ec2-52-8-55-215.us-west-1.compute. ...
show more
(mod_security) mod_security (id:210492) triggered by 52.8.55.215 (ec2-52-8-55-215.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 20:55:03.530747 2026] [security2:error] [pid 53214:tid 53214] [client 52.8.55.215:60386] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "victorvictorloft.com"] [uri "/.env.production"] [unique_id "all9Z_lYpQ7Xbl7U3vISVwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
thedreamer.nl
2026-07-16 23:36:57
(1 day ago)
52.8.55.215 - - [17/Jul/2026:01:36:28 +0200] "GET /.env.template HTTP/1.1" 404 0 "-" "Mozilla/5.0 (W ...
show more
52.8.55.215 - - [17/Jul/2026:01:36:28 +0200] "GET /.env.template HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)" "US" "San Jose" "37.33880" "-121.89160"
52.8.55.215 - - [17/Jul/2026:01:36:28 +0200] "GET /.env.production.local HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)" "US" "San Jose" "37.33880" "-121.89160"
52.8.55.215 - - [17/Jul/2026:01:36:29 +0200] "GET /.env.development.local HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)" "US" "San Jose" "37.33880" "-121.89160"
52.8.55.215 - - [17/Jul/2026:01:36:29 +0200] "GET /.env.test.local HTTP/1.1" 404 0 "-"
...
show less
Brute-Force
Bad Web Bot
๐ฉ๐ช
ger-stg-sifi1
2026-07-16 23:19:25
(1 day ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
Anonymous
2026-07-16 23:06:04
(1 day ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=158
Hacking
๐ณ๐ฑ
Site.eu
2026-07-16 23:01:35
(1 day ago)
Excessive multi-domain requests
Brute-Force
๐ซ๐ท
masterguru
2026-07-16 22:03:05
(1 day ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-195)
Hacking
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-07-16 22:00:41
(1 day ago)
Auto-ban: >3000 req/min op 2026-07-16
Web App Attack
SSH
Hacking
๐จ๐ญ
4server
2026-07-16 21:53:03
(1 day ago)
[ThuJul1623:52:56.8705782026][security2:error][pid1473269:tid1473538][client52.8.55.215:0]ModSecurit ...
show more
[ThuJul1623:52:56.8705782026][security2:error][pid1473269:tid1473538][client52.8.55.215:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".env\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"www.aidweb.ch.81-17-25-250.cpanel.site\"][uri\"/.env.test\"][unique_id\"allSuFEJcC0OZPhx3AedOgAAAQk\"]
show less
Hacking
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-16 21:52:57
(1 day ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-16 21:26:09
(1 day ago)
Try to access /src/.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 21:15:08
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 52.8.55.215 (ec2-52-8-55-215.us-west-1.compute. ...
show more
(mod_security) mod_security (id:210492) triggered by 52.8.55.215 (ec2-52-8-55-215.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 17:15:03.202714 2026] [security2:error] [pid 9159:tid 9166] [client 52.8.55.215:41004] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ejspizzeriahudson.com"] [uri "/.env.test"] [unique_id "allJ1--AMu3aDfsKm9ozHwAAAII"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Matthew Ping
2026-07-16 21:00:02
(1 day ago)
ModSecurity rule 949110 triggered on wp2. Web application attack blocked by CSF/LFD.
Web App Attack
Hacking