๐ฉ๐ช
Blexyel
2026-07-18 04:15:06
(15 hours ago)
172.70.134.99 - - [18/Jul/2026:06:15:05 +0200] "GET /.git/info/refs HTTP/1.1" 404 548 "-" "Mozilla/5 ...
show more
172.70.134.99 - - [18/Jul/2026:06:15:05 +0200] "GET /.git/info/refs HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
...
show less
Brute-Force
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-05-14 22:06:29
(2 months ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-13.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-03-30 13:51:17
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 09:51:13.475376 2026] [security2:error] [pid 8136:tid 8136] [client 172.70.134.99:12522] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.roadtosalvation.org"] [uri "/web/.env"] [unique_id "acp_0R6Iu6pXxmBMSDwaqgAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 13:33:46
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 09:33:39.213455 2026] [security2:error] [pid 16011:tid 16011] [client 172.70.134.99:9796] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.dartylife.com"] [uri "/.env.local"] [unique_id "acp7s9mQQniq2nTJ3CK7xgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 13:01:32
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 09:01:28.451036 2026] [security2:error] [pid 8158:tid 8158] [client 172.70.134.99:11458] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.antiradares.net"] [uri "/.env.bak"] [unique_id "acp0KLV1CE82hibi0cIkWwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 12:15:19
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 08:15:10.664937 2026] [security2:error] [pid 10030:tid 10094] [client 172.70.134.99:9378] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.resort4pets.com"] [uri "/api/.env"] [unique_id "acppTnSJwMLN_fHJUsHqvgAAAcg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 11:39:04
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 07:38:56.452250 2026] [security2:error] [pid 12027:tid 12027] [client 172.70.134.99:9743] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.roguetechhub.com"] [uri "/.env.prod"] [unique_id "acpg0GIS8OfYRNXKkTbg7gAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 06:42:49
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 02:42:44.448364 2026] [security2:error] [pid 18398:tid 18398] [client 172.70.134.99:13834] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.curriergallery.com"] [uri "/.env.example"] [unique_id "acobZC9qkFghLua1wVv-rAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 05:57:20
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 01:57:08.044600 2026] [security2:error] [pid 18110:tid 18110] [client 172.70.134.99:11175] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "addictions.disabilitiesdespair.com"] [uri "/.env.backup"] [unique_id "acoQtG4qUmjrla0YK41akgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 04:53:46
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 00:53:38.932872 2026] [security2:error] [pid 26952:tid 26952] [client 172.70.134.99:10206] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.asian-aerospace.christinepeat.com"] [uri "/.env.development"] [unique_id "acoB0vg4KMhGcMwy2EpZzgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 03:29:33
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 23:29:25.189219 2026] [security2:error] [pid 16816:tid 16816] [client 172.70.134.99:11234] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.projects.crep-psych.org"] [uri "/.env.production.local"] [unique_id "acnuFVPZG7WLAKtipCR0mwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 01:44:15
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 21:44:07.523450 2026] [security2:error] [pid 14617:tid 14617] [client 172.70.134.99:11650] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.q-hse.net"] [uri "/config/.env"] [unique_id "acnVZ7ZdzqSibpcC8_jdSAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 01:08:14
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 21:08:06.652794 2026] [security2:error] [pid 8487:tid 8502] [client 172.70.134.99:11686] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.rbarw.com"] [uri "/.git/refs/heads/main"] [unique_id "acnM9h37ib7clShUFCqPNAAAAEs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-29 22:41:49
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 18:41:38.088618 2026] [security2:error] [pid 11559:tid 11559] [client 172.70.134.99:10315] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eranconstruction.com.eran.construction"] [uri "/.env.development"] [unique_id "acmqovIimzOrmQ81sKqVKgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-29 20:28:35
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.134.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 16:28:29.401980 2026] [security2:error] [pid 22522:tid 22522] [client 172.70.134.99:9456] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "norkyn.austli.com"] [uri "/root/.env"] [unique_id "acmLbVKo7o9hBU6UzvrfKgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack