๐ฉ๐ช
abdubhai
2026-07-06 06:01:53
(3 days ago)
172.70.175.106 - - [06/Jul/2026:
...
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-25 02:23:40
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 22:23:30.315209 2026] [security2:error] [pid 7893:tid 7909] [client 172.70.175.106:9907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.undergroundinternational.com"] [uri "/.env"] [unique_id "ajyRIowTG797eARpQ2-e4gAAAE0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 07:01:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 03:01:17.353286 2026] [security2:error] [pid 1021414:tid 1021414] [client 172.70.175.106:10366] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.digdesign.com"] [uri "/.env.production.local"] [unique_id "adSrvWkeYa53114YL1RalwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-06 22:42:24
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 18:42:18.127635 2026] [security2:error] [pid 502409:tid 502409] [client 172.70.175.106:11971] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.haroparquet.com"] [uri "/.env.bak"] [unique_id "adQ2yolx4KSHbONqNHzSmQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 18:18:32
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 14:18:27.630526 2026] [security2:error] [pid 30422:tid 30422] [client 172.70.175.106:10280] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.adlc18.org"] [uri "/.env.local"] [unique_id "adKncxSSl3t1u4Q-3uUvrQAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 14:22:40
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 10:22:36.429585 2026] [security2:error] [pid 17414:tid 17414] [client 172.70.175.106:10532] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jonleefamily.brushmileage.org"] [uri "/private/.env"] [unique_id "adJwLOJNhmmeLR5yH4gtrAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 10:32:15
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 06:32:10.171330 2026] [security2:error] [pid 10622:tid 10622] [client 172.70.175.106:12318] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.pixzen.com"] [uri "/.env.tmp"] [unique_id "adI6KihOls1BFq07ZnK6QAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-04-04 12:20:55
(3 months ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 05:08:20
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 01:08:14.415402 2026] [security2:error] [pid 795:tid 795] [client 172.70.175.106:11196] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.mathsquad.com"] [uri "/.env.old"] [unique_id "adCcvk1doASsSam7QRFnqgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 13:52:24
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 09:52:18.543599 2026] [security2:error] [pid 20501:tid 20501] [client 172.70.175.106:13228] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.prosucomexico.com"] [uri "/.env"] [unique_id "ac_GEles6yE0so721vLuEQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 05:29:30
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 01:29:11.174332 2026] [security2:error] [pid 31850:tid 31850] [client 172.70.175.106:12928] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gotomywebmail.com.globalweb123.com"] [uri "/.env.save"] [unique_id "ac9QJ3yuT_ZwKBqsl7dt2AAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 21:49:58
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 17:49:46.411312 2026] [security2:error] [pid 11821:tid 11821] [client 172.70.175.106:9284] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lilachost.net"] [uri "/config/.env.local"] [unique_id "ac7keorJZWCHOSHCzEC_owAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 11:58:15
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 07:58:08.312902 2026] [security2:error] [pid 3518:tid 3605] [client 172.70.175.106:13768] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.ethicmark.org"] [uri "/.env.production.local"] [unique_id "ac5Z0KpJYReD8toXvxFkFAAAAFg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 17:31:58
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 13:31:43.337839 2026] [security2:error] [pid 4440:tid 4440] [client 172.70.175.106:14080] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.homerbiz.com"] [uri "/.env.test"] [unique_id "ac1Wf0bJkIwn6Xar2--MwAAAACg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 13:59:03
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 09:58:37.704196 2026] [security2:error] [pid 301:tid 301] [client 172.70.175.106:9810] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.sandboxspeech.org"] [uri "/.env.dev"] [unique_id "ac0kjRe8f11KeZL7H3fOCgAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack