๐บ๐ธ
mawan
2026-07-07 08:19:31
(13 hours ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
Anonymous
2026-04-08 20:19:57
(2 months ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 11:39:42
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 07:39:35.353055 2026] [security2:error] [pid 1343337:tid 1343337] [client 172.70.174.149:12586] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.srippy.com"] [uri "/.env2"] [unique_id "adTs9x_54Z0beVFGklrrCAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 13:55:54
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 09:55:48.183899 2026] [security2:error] [pid 23487:tid 23487] [client 172.70.174.149:13776] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.cctaxpro.com"] [uri "/.git/refs/heads/main"] [unique_id "adJp5Ap1-T_RB4zYc_ln6wAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 12:09:20
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 08:09:17.040958 2026] [security2:error] [pid 22848:tid 22848] [client 172.70.174.149:11486] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.rejuvenationresources.com"] [uri "/.env"] [unique_id "adJQ7UOTcEIcLu2GouuuQgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 04:48:42
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 00:48:34.116951 2026] [security2:error] [pid 1625:tid 1625] [client 172.70.174.149:9595] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.vrbsroma.com"] [uri "/.env.development"] [unique_id "adHpojCCmEcBkh4pJkGBkAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 20:53:29
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 16:53:24.030867 2026] [security2:error] [pid 26796:tid 26796] [client 172.70.174.149:9494] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.creartest.com"] [uri "/.env.example"] [unique_id "adF6RLIRe3vmDSvt_-EbQwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 19:36:15
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 15:36:10.890432 2026] [security2:error] [pid 32138:tid 32138] [client 172.70.174.149:13695] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "letceteragifts.kathrynmcbride.com"] [uri "/admin/.env"] [unique_id "adFoKp48muCslXKSJjFNrwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 00:18:09
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 20:18:00.102165 2026] [security2:error] [pid 28538:tid 28538] [client 172.70.174.149:12898] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.esmital.cl"] [uri "/.env.php"] [unique_id "adBYuI3WTTyWVwFDNPmqpQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 18:24:16
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 14:24:11.205051 2026] [security2:error] [pid 25916:tid 25916] [client 172.70.174.149:10655] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.tarekshohaieb.online"] [uri "/.git/refs/heads/main"] [unique_id "adAFyxDV8zHU5pG1msyOswAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 13:17:56
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 09:17:48.594070 2026] [security2:error] [pid 21609:tid 21609] [client 172.70.174.149:10300] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.darkestdaysclan.com"] [uri "/app/.env"] [unique_id "ac-9_FDImsQxl_bg2G2ddQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 06:13:10
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 02:13:03.712765 2026] [security2:error] [pid 23503:tid 23503] [client 172.70.174.149:11383] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.transcapitalsolutions.com"] [uri "/.env"] [unique_id "ac4I7xi6YtICXDgzT5aM9wAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 15:38:15
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 11:38:08.451529 2026] [security2:error] [pid 16245:tid 16245] [client 172.70.174.149:11289] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vtwins.us"] [uri "/.env.prod"] [unique_id "ac074A5NuDtROQfw9cpFJwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 13:59:07
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 09:58:42.346768 2026] [security2:error] [pid 2139:tid 2139] [client 172.70.174.149:9515] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.sandboxspeech.org"] [uri "/.env_settings"] [unique_id "ac0kkt-AjhcA5MiRotTsPQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 13:13:04
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.174.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 09:12:58.367290 2026] [security2:error] [pid 13450:tid 13550] [client 172.70.174.149:13691] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.thedowntonstory.com"] [uri "/.env.old"] [unique_id "ac0Z2lmHx0jQpkKu-EHVIQAAAhY"]
show less
Brute-Force
Bad Web Bot
Web App Attack