Anonymous
2026-05-14 08:03:57
(1 month ago)
(caddyscan) Scanner path probe from 172.70.35.107 (US/United States/-): 5 in the last 3600 secs; Por ...
show more
(caddyscan) Scanner path probe from 172.70.35.107 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 172.70.35.107 - - [14/May/2026:07:43:54 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.70.35.107 - - [14/May/2026:07:44:24 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.70.35.107 - - [14/May/2026:07:58:32 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.70.35.107 - - [14/May/2026:07:59:29 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.70.35.107 - - [14/May/2026:08:03:50 +0000] "GET /.git/config HTTP/1.1"
show less
Port Scan
πΊπΈ
mnsf
2026-04-07 18:05:36
(2 months ago)
Login Too Frequent (8)
Brute-Force
Web App Attack
πΊπΈ
mnsf
2026-04-05 19:05:25
(2 months ago)
Scanning/Probing (21)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-03 10:52:48
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 06:52:42.274860 2026] [security2:error] [pid 15697:tid 15697] [client 172.70.35.107:9906] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.upperbearcreek.net"] [uri "/.env"] [unique_id "ac-b-kSqhaQ7fKTiBC1u0QAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mnsf
2026-04-01 04:05:42
(3 months ago)
Scanning/Probing (21)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-31 06:14:34
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 02:14:29.950752 2026] [security2:error] [pid 302:tid 302] [client 172.70.35.107:10272] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.revision.ws"] [uri "/www/.env"] [unique_id "actmRcLMGopBAYisMMcd7QAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mnsf
2026-03-31 02:05:49
(3 months ago)
Scanning/Probing (16)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-30 17:54:03
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 13:53:57.222510 2026] [security2:error] [pid 8527:tid 8527] [client 172.70.35.107:12974] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.victorg.me"] [uri "/web/.env"] [unique_id "acq4tWEtxdEYyqggu4CQ3AAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-30 13:46:00
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 09:45:53.124316 2026] [security2:error] [pid 12568:tid 12568] [client 172.70.35.107:11170] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yeejia.net"] [uri "/.env.tmp"] [unique_id "acp-kQTW0Lk42qrCfIQe9wAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-30 13:22:04
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 09:21:58.277818 2026] [security2:error] [pid 5480:tid 5480] [client 172.70.35.107:10308] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web179.dnchosting.com"] [uri "/backend/.env"] [unique_id "acp49i-ixqDFGlfj9VFkDgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-30 10:56:40
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 06:56:35.887667 2026] [security2:error] [pid 32616:tid 32616] [client 172.70.35.107:12195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.techsunlimited.net"] [uri "/.env.development"] [unique_id "acpW4y4m9sKI14javlH4IwAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-30 07:13:24
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 03:13:21.164516 2026] [security2:error] [pid 29106:tid 29106] [client 172.70.35.107:11416] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.cathayexpress.com"] [uri "/.env.development"] [unique_id "acoika4P2T7HhTNhUz1OFwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-30 06:35:09
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 02:34:59.237065 2026] [security2:error] [pid 26419:tid 26419] [client 172.70.35.107:9255] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.nothotmail.org"] [uri "/var/www/.env"] [unique_id "acoZk2fZYgjAe_n1l-6EbAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-30 04:55:17
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 00:55:10.485690 2026] [security2:error] [pid 11624:tid 11624] [client 172.70.35.107:13155] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.starktigers75.com"] [uri "/.env.test"] [unique_id "acoCLkHWNfdtbPy-u8dfNwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-30 04:11:54
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.35.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 00:11:48.544889 2026] [security2:error] [pid 2835:tid 2856] [client 172.70.35.107:9585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.scribblism.com"] [uri "/.git/refs/heads/master"] [unique_id "acn4BETWKZMpBENURQlriAAAAJM"]
show less
Brute-Force
Bad Web Bot
Web App Attack