๐ง๐ฌ
Stoyko Stoykov
2026-07-16 10:09:59
(2 days ago)
172.70.134.140 - - [16/Jul/2026:13:09:59 +0300] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 ...
show more
172.70.134.140 - - [16/Jul/2026:13:09:59 +0300] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; Amzn-SearchBot/0.1) Chrome/119.0.6045.214 Safari/537.36"
...
show less
Hacking
Web App Attack
Anonymous
2026-07-06 09:26:51
(1 week ago)
172.70.134.140 - - [06/Jul/2026:11:26:49 +0200] "GET /live/.env HTTP/1.1" 403 1738 "-" "Mozilla/5.0 ...
show more
172.70.134.140 - - [06/Jul/2026:11:26:49 +0200] "GET /live/.env HTTP/1.1" 403 1738 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
172.70.134.140 - - [06/Jul/2026:11:26:49 +0200] "GET /live/.env HTTP/1.1" 403 737 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
172.70.134.140 - - [06/Jul/2026:11:26:49 +0200] "GET /dev/.env HTTP/1.1" 403 1738 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
172.70.134.140 - - [06/Jul/2026:11:26:49 +0200] "GET /dev/.env HTTP/1.1" 403 737 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
172.70.134.140 - - [06/Jul/2026:11:26:49 +0200] "GET /opt/.env HTTP/1.1" 403 1738 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
๐ง๐ฌ
Stoyko Stoykov
2026-07-06 06:17:35
(1 week ago)
172.70.134.140 - - [06/Jul/2026:09:17:35 +0300] "GET //xmlrpc.php?rsd HTTP/2.0" 404 134 "-" "Mozilla ...
show more
172.70.134.140 - - [06/Jul/2026:09:17:35 +0300] "GET //xmlrpc.php?rsd HTTP/2.0" 404 134 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
...
show less
Hacking
Web App Attack
๐ฆ๐บ
oncord
2026-05-23 21:50:30
(1 month ago)
Form spam
Web Spam
๐บ๐ธ
TPI-Abuse
2026-05-15 08:46:08
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.140 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 04:45:50.125874 2026] [security2:error] [pid 20655:tid 20658] [client 172.70.134.140:10265] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "landmarkocchealth.com"] [uri "/.env.backup"] [unique_id "agbdPgS8NqowuojCS1PGSAAAAUE"], referer: https://www.google.com/search?q=landmarkocchealth.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-15 06:43:22
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.140 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 02:42:57.745632 2026] [security2:error] [pid 25936:tid 25936] [client 172.70.134.140:10232] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "assheton.com"] [uri "/.env.save"] [unique_id "agbAcYgQZkxWDCPm_iukcAAAACI"], referer: https://www.google.com/search?q=assheton.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-05-14 22:06:26
(2 months ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-13.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
mnsf
2026-04-08 19:06:28
(3 months ago)
Scanning/Probing (13)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 15:59:29
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.140 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 11:59:22.970299 2026] [security2:error] [pid 17054:tid 17054] [client 172.70.134.140:12494] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.polymermembranes.com"] [uri "/.env.old"] [unique_id "acqd2onSBKDzDpkcEDzVDwAAADM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 14:39:06
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.140 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 10:39:00.229091 2026] [security2:error] [pid 23832:tid 23832] [client 172.70.134.140:13874] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.ypsisda.net"] [uri "/api/.env"] [unique_id "acqLBDytve5jAgpIeb3bfAAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 10:51:15
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.140 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 06:51:07.771850 2026] [security2:error] [pid 22237:tid 22237] [client 172.70.134.140:12180] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.booksforpoets.banis-associates.com"] [uri "/.env.save"] [unique_id "acpVm9_ggkqtbZ4Yln0I4AAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 08:50:11
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.140 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 04:50:05.672834 2026] [security2:error] [pid 28574:tid 28574] [client 172.70.134.140:10020] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.luzesdoamanhecer.com"] [uri "/.env.tmp"] [unique_id "aco5Pcyzbs_pbS_wTloTRwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 06:14:11
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.140 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 02:14:08.115731 2026] [security2:error] [pid 29267:tid 29267] [client 172.70.134.140:10978] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "photonmatrix.rotarymagnetics.com"] [uri "/.env.save"] [unique_id "acoUsMGfgYi311vQSspYywAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 05:55:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.140 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 01:55:28.544161 2026] [security2:error] [pid 11252:tid 11252] [client 172.70.134.140:10363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.perlcreative.com"] [uri "/.env.prod"] [unique_id "acoQUDXRqfT20oqmxyOYAQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 04:17:58
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.140 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 00:17:51.543302 2026] [security2:error] [pid 10315:tid 10322] [client 172.70.134.140:10407] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.arrowsinthequiver.com"] [uri "/.env.backup"] [unique_id "acn5b6lcoI7Aei_7QhlxhwAAAEQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack