Anonymous
2026-05-14 07:53:38
(2 months ago)
(caddyscan) Scanner path probe from 172.70.34.48 (US/United States/-): 5 in the last 3600 secs; Port ...
show more
(caddyscan) Scanner path probe from 172.70.34.48 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 172.70.34.48 - - [14/May/2026:07:26:41 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.70.34.48 - - [14/May/2026:07:29:40 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.70.34.48 - - [14/May/2026:07:30:54 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.70.34.48 - - [14/May/2026:07:41:47 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.70.34.48 - - [14/May/2026:07:53:36 +0000] "GET /.git/config HTTP/1.1"
show less
Port Scan
๐บ๐ธ
mnsf
2026-04-04 18:05:42
(3 months ago)
Scanning/Probing (15)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 03:27:01
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 23:26:53.181310 2026] [security2:error] [pid 21825:tid 21825] [client 172.70.34.48:12472] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.moonfest.net"] [uri "/.env"] [unique_id "ac8zfS0CO6zPLrNghZbOFAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-03-31 11:06:39
(3 months ago)
Scanning/Probing (13)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-31 01:43:29
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 21:43:22.114240 2026] [security2:error] [pid 7819:tid 7819] [client 172.70.34.48:9279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.braintechsoftwaresolutions.com"] [uri "/.env.local"] [unique_id "acsmutBBowjBR1YQxte0rAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 18:35:46
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 14:35:40.269457 2026] [security2:error] [pid 26240:tid 26240] [client 172.70.34.48:12610] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.everpickon.com"] [uri "/.env.php"] [unique_id "acrCfFfYhCUnAkeuniLbuwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 18:10:26
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 14:10:21.323844 2026] [security2:error] [pid 10035:tid 10035] [client 172.70.34.48:14251] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.hazelwerner.com"] [uri "/.env.dev.local"] [unique_id "acq8jSDPfZcf8qzFDHxCeQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 17:15:24
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 13:15:19.441176 2026] [security2:error] [pid 30815:tid 30815] [client 172.70.34.48:9625] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.webdryer.com"] [uri "/.env.example"] [unique_id "acqvp_RKj2zKHj78BcZ7ogAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 15:28:39
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 11:28:34.098052 2026] [security2:error] [pid 627:tid 627] [client 172.70.34.48:11305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.waleed-alshalan.com"] [uri "/admin/.env"] [unique_id "acqWovb7Ua5v5h7u_tVCRQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 14:55:58
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 10:55:50.030648 2026] [security2:error] [pid 20695:tid 20695] [client 172.70.34.48:11783] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.quantrics.com"] [uri "/.env.production"] [unique_id "acqO9kIvqLta8LVKYxAKPAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 14:18:06
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 10:17:58.252827 2026] [security2:error] [pid 28780:tid 28780] [client 172.70.34.48:9278] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.kerrywoodandson.com"] [uri "/.env.staging"] [unique_id "acqGFpzhhAkTq5CyBRzIBAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 12:47:50
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 08:47:45.890759 2026] [security2:error] [pid 28942:tid 28942] [client 172.70.34.48:12617] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.lognlumber.com"] [uri "/.env.local"] [unique_id "acpw8Q4NBeXeOI8cLfi3jwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 12:09:57
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 08:09:51.121870 2026] [security2:error] [pid 10030:tid 10089] [client 172.70.34.48:12804] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.c22p.org"] [uri "/.env.local"] [unique_id "acpoD3SJwMLN_fHJUsHqRgAAAcM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 11:50:40
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 07:50:36.133733 2026] [security2:error] [pid 11583:tid 11583] [client 172.70.34.48:9865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.pawzy.app"] [uri "/.git/index"] [unique_id "acpjjJSfRoyBKSXUoVpQjQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 10:43:14
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.34.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 06:43:10.072784 2026] [security2:error] [pid 30795:tid 30795] [client 172.70.34.48:12582] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.prosucomexico.com"] [uri "/.git/refs/heads/main"] [unique_id "acpTvpyL-CMifl41SXINuAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack