๐ฉ๐ช
strxmpp
2026-05-01 15:40:48
(1 month ago)
104.207.39.95 - - [01/May/2026:17:40:46 +0200] "GET /.aws/credentials HTTP/1.1" 404 3669 "-" "Mozill ...
show more
104.207.39.95 - - [01/May/2026:17:40:46 +0200] "GET /.aws/credentials HTTP/1.1" 404 3669 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
...
show less
Bad Web Bot
๐ฆ๐บ
MAGIC
2026-03-10 01:56:42
(3 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ณ๐ฑ
homeshowdomain.nl
2026-02-15 22:59:27
(4 months ago)
Auto-ban: >3000 req/min op 2026-02-15
Hacking
Web App Attack
SSH
Anonymous
2026-02-15 12:04:03
(4 months ago)
Bot / scanning and/or hacking attempts: GET /.env.save HTTP/1.1, GET /.env.production HTTP/1.1, GET ...
show more
Bot / scanning and/or hacking attempts: GET /.env.save HTTP/1.1, GET /.env.production HTTP/1.1, GET /admin/.env HTTP/1.1, GET /.env HTTP/1.1, GET /api/.env HTTP/1.1, GET /app/.env HTTP/1.1, GET /.env.staging HTTP/1.1
show less
Hacking
Web App Attack
๐บ๐ธ
mnsf
2026-02-15 06:07:38
(4 months ago)
Scanning/Probing (11)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 05:25:06
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.95 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:24:56.917165 2026] [security2:error] [pid 6187:tid 6197] [client 104.207.39.95:45653] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oftv.xyz"] [uri "/v2/.git/config"] [unique_id "aZFYqC7C2hm1R_Ut717oEwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
Origon
2026-02-15 04:57:08
(4 months ago)
http-sensitive-files - IP: 104.207.39.95 - time="2026-02-15T05:57:08+01:00" level=info msg="(555f66 ...
show more
http-sensitive-files - IP: 104.207.39.95 - time="2026-02-15T05:57:08+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 104.207.39.95 (US/200373) : 4h ban on Ip 104.207.39.95" module=db
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 03:55:15
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.95 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:55:10.619849 2026] [security2:error] [pid 1281640:tid 1281640] [client 104.207.39.95:44601] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "norun.net"] [uri "/new/.git/config"] [unique_id "aZFDnqyBIyLendwMjvHyAwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 03:31:58
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.95 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:31:54.031284 2026] [security2:error] [pid 2426646:tid 2426646] [client 104.207.39.95:13263] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nolagardenmarket.com"] [uri "/dev/.git/config"] [unique_id "aZE-KiWaUcel3nPndIXMRAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 02:46:17
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.95 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:46:10.553164 2026] [security2:error] [pid 184122:tid 184245] [client 104.207.39.95:40303] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pmdwebenterprises.com"] [uri "/admin/.env"] [unique_id "aZEzchZxbpqQBAmMeBFy8QAAAhc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 01:29:45
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.95 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:29:33.992199 2026] [security2:error] [pid 29109:tid 29109] [client 104.207.39.95:14311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nealandmichaeleschon.com"] [uri "/app/.git/config"] [unique_id "aZEhfb0Rsrpu0jRr74NTKwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-13 13:46:05
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.95 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:46:00.726812 2026] [security2:error] [pid 26833:tid 26833] [client 104.207.39.95:63859] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mindheartbreath.com"] [uri "/backup/.git/config"] [unique_id "aY8rGJQdDbKaHxmu2fuTWgAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-13 13:30:33
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.95 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 08:30:25.068217 2026] [security2:error] [pid 32628:tid 32725] [client 104.207.39.95:33997] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "millicanjones.com"] [uri "/app/.git/config"] [unique_id "aY8ncWl7CmsZIZFZtRihgwAAAdE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
myagent.site
2026-02-13 13:03:01
(4 months ago)
Blocking for trying to access an exploit file: /.env.local
Hacking
๐บ๐ธ
TPI-Abuse
2026-02-13 06:13:48
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.95 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 01:13:41.068940 2026] [security2:error] [pid 21899:tid 21931] [client 104.207.39.95:16843] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mcismanila.com"] [uri "/admin/.env"] [unique_id "aY7BFVbOvFBDCmI4tvl7aQAAAUE"]
show less
Brute-Force
Bad Web Bot
Web App Attack