๐บ๐ธ
mawan
2026-07-11 13:18:05
(6 hours ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
mawan
2026-07-07 19:51:34
(3 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-15 07:29:56
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 03:29:48.112856 2026] [security2:error] [pid 14403:tid 14403] [client 172.70.134.158:14304] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jpastordesign.com.jpastorphotographics.com"] [uri "/.env.save"] [unique_id "agbLbIPL9468dWO04GLPqAAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-04-22 21:59:36
(2 months ago)
Auto-ban: >3000 req/min op 2026-04-22
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-03-30 17:50:37
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 13:50:29.938002 2026] [security2:error] [pid 5312:tid 5312] [client 172.70.134.158:14043] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.rahjx.net"] [uri "/.env_secret"] [unique_id "acq35Qh0QVBgzg1yVeemaQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 16:04:52
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 12:04:47.978836 2026] [security2:error] [pid 27733:tid 27733] [client 172.70.134.158:12749] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.rschaefer.net"] [uri "/.env.backup"] [unique_id "acqfH6PiGZakfBKnn3wjuwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 15:13:06
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 11:12:59.167691 2026] [security2:error] [pid 14344:tid 14344] [client 172.70.134.158:12007] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.gregdember.com"] [uri "/.env.dev"] [unique_id "acqS-_smOb4hWHCBCq36kQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 12:59:52
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 08:59:44.695389 2026] [security2:error] [pid 23170:tid 23170] [client 172.70.134.158:12966] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.greensealusa.com"] [uri "/.env.prod"] [unique_id "acpzwHEpVsTfnhdrM6j7jgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 12:32:00
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 08:31:52.919543 2026] [security2:error] [pid 24134:tid 24260] [client 172.70.134.158:13673] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.thatspecial.com"] [uri "/.env.dev"] [unique_id "acptOBXvKP1-59EiGN5JfAAAAQ8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 12:06:37
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 08:06:28.863490 2026] [security2:error] [pid 13497:tid 13497] [client 172.70.134.158:10953] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.caribbeantanz.postermodelsworldwideinc.com"] [uri "/.env.orig"] [unique_id "acpnREUFinBmCI4ott2mngAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 11:49:58
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 07:49:52.219473 2026] [security2:error] [pid 29880:tid 29880] [client 172.70.134.158:12734] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.sternscape.com"] [uri "/.env.tmp"] [unique_id "acpjYLHCudSGAWpoXGqAogAAACs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 11:25:27
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 07:25:23.700216 2026] [security2:error] [pid 10160:tid 10160] [client 172.70.134.158:10136] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.asbechiro.com"] [uri "/.env.production"] [unique_id "acpdo8GkcUnUDYx4aTnnvAAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 09:46:54
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 05:46:49.579129 2026] [security2:error] [pid 24899:tid 24899] [client 172.70.134.158:9892] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mobresearchinc.com"] [uri "/.git/refs/heads/master"] [unique_id "acpGiWWXma9NLVrDQNqXlAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 07:14:07
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 03:14:03.416194 2026] [security2:error] [pid 5728:tid 5728] [client 172.70.134.158:13144] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beyond.best"] [uri "/.env.save"] [unique_id "acoiuxbMHSN5bObxaDYMXgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 05:12:35
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.158 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 01:12:29.028477 2026] [security2:error] [pid 12284:tid 12309] [client 172.70.134.158:9742] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mojodelicatesse.com.oplconnect.com"] [uri "/.git/logs/HEAD"] [unique_id "acoGPf5lgpAlMQLGTlqufwAAAFY"]
show less
Brute-Force
Bad Web Bot
Web App Attack