๐ฉ๐ช
abdubhai
2026-06-30 12:03:24
(5 days ago)
172.68.164.79 - - [30/Jun/2026:1
...
Brute-Force
๐ง๐ฌ
Stoyko Stoykov
2026-06-29 00:18:59
(1 week ago)
172.68.164.79 - - [29/Jun/2026:03:18:55 +0300] "GET /portal/.git/config HTTP/2.0" 404 176 "-" "Mozil ...
show more
172.68.164.79 - - [29/Jun/2026:03:18:55 +0300] "GET /portal/.git/config HTTP/2.0" 404 176 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.142 Safari/537.36"
...
show less
Hacking
Web App Attack
๐ธ๐ฌ
anotherwatcher
2026-06-24 15:42:35
(1 week ago)
bad bot
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-19 08:43:10
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.68.164.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.164.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 04:43:02.430245 2026] [security2:error] [pid 10981:tid 10981] [client 172.68.164.79:13575] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "casalaaldehuela.com"] [uri "/.env.production"] [unique_id "ajUBFrMdYz7s_kZzVDLBcAAAAAk"], referer: https://www.google.com/search?q=casalaaldehuela.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ฌ
anotherwatcher
2026-06-07 17:52:26
(4 weeks ago)
bad bot
Bad Web Bot
๐ฉ๐ช
abdubhai
2026-06-06 12:27:59
(4 weeks ago)
172.68.164.79 - - [06/Jun/2026:1
...
Brute-Force
๐ธ๐ฌ
anotherwatcher
2026-06-02 13:19:35
(1 month ago)
bad bot
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-05-11 05:01:12
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.68.164.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.164.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 11 01:01:05.307277 2026] [security2:error] [pid 29636:tid 29636] [client 172.68.164.79:11054] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.deindo.com.kairoslogammakmur.com"] [uri "/.env.dev"] [unique_id "agFikZwsQxP3giiZ3hJbPgAAABI"], referer: https://www.google.com/search?q=www.deindo.com.kairoslogammakmur.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-10 02:40:13
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.68.164.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.68.164.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 22:40:10.117709 2026] [security2:error] [pid 17744:tid 17744] [client 172.68.164.79:13276] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.alexetjeremy.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.alexetjeremy.com"] [uri "/backup.sql"] [unique_id "af_wCvbx_C7wwS-CNs98zgAAABI"], referer: https://www.google.com/search?q=www.alexetjeremy.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-08 13:36:29
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.68.164.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.164.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 09:36:18.361054 2026] [security2:error] [pid 20328:tid 20328] [client 172.68.164.79:11732] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.nessmonsters.com"] [uri "/.env.dev"] [unique_id "af3m0jnEaptYdz2C9oQE1AAAABk"], referer: https://www.google.com/search?q=autodiscover.nessmonsters.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-08 12:51:17
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.68.164.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.68.164.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 08:51:07.866405 2026] [security2:error] [pid 23083:tid 23113] [client 172.68.164.79:13429] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bakmail.net|F|2"] [data ".tfstate.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bakmail.net"] [uri "/terraform.tfstate.backup"] [unique_id "af3cO7qzsNwMslSBzxf_kwAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-05-07 22:02:14
(1 month ago)
Auto-ban: >3000 req/min op 2026-05-07
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-07 19:07:09
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.68.164.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.164.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 15:07:05.918696 2026] [security2:error] [pid 12290:tid 12290] [client 172.68.164.79:13334] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iainrealtor.com"] [uri "/.env"] [unique_id "afzi2ZX6uue2y2ae62n6VQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-07 16:41:25
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.68.164.79 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.68.164.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 07 12:41:20.732109 2026] [security2:error] [pid 19506:tid 19506] [client 172.68.164.79:11932] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jesusthechristministry.org.halotoys.com"] [uri "/.git/config"] [unique_id "afzAsLAgZBpUto_cnaGifAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
abdubhai
2026-04-25 05:31:54
(2 months ago)
172.68.164.79 - - [25/Apr/2026:1
...
Brute-Force