๐บ๐ธ
TPI-Abuse
2026-07-13 03:05:03
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.94 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 23:04:55.672802 2026] [security2:error] [pid 22381:tid 22381] [client 172.71.164.94:10375] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "naturev.net"] [uri "/.env.production"] [unique_id "alRV147Ys81xwat3IqnaqgAAAAw"], referer: https://www.google.com/search?q=naturev.net
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
BiancaNL
2026-06-25 19:52:24
(2 weeks ago)
Fail2Ban: jail=nginx-exploit-probes on <fqdn> (port=<port>)
Hacking
๐ฉ๐ช
strxmpp
2026-06-10 05:38:57
(1 month ago)
172.71.164.94 - - [10/Jun/2026:07:38:56 +0200] "GET /wp-admin/install.php?step=1 HTTP/1.1" 404 4552 ...
show more
172.71.164.94 - - [10/Jun/2026:07:38:56 +0200] "GET /wp-admin/install.php?step=1 HTTP/1.1" 404 4552 "-" "http://jabberzueri.ch/wp-admin/install.php?step=1"
...
show less
Bad Web Bot
๐ซ๐ท
masterguru
2026-04-06 18:49:44
(3 months ago)
Blocked Cloudflare Worker request. Pattern match "." at REQUEST_HEADERS:Cf-Worker. (5025-196)
Hacking
๐ฉ๐ช
abdubhai
2026-04-06 05:13:22
(3 months ago)
172.71.164.94 - - [06/Apr/2026:1
...
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-04-05 07:25:52
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.94 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 03:25:44.025837 2026] [security2:error] [pid 27938:tid 27938] [client 172.71.164.94:10298] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "casualmeditations.banis-associates.com"] [uri "/.git/index"] [unique_id "adIOeBCUfmLNYN48HI4tsgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 05:08:11
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.94 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 01:08:03.440102 2026] [security2:error] [pid 13567:tid 13567] [client 172.71.164.94:9587] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.sourcecodeportal.com"] [uri "/.git/index"] [unique_id "adHuMxbAuhVPZKFE_jmeVgAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-04-04 17:05:27
(3 months ago)
Scanning/Probing (19)
Brute-Force
Web App Attack
๐ฒ๐พ
Rizzy
2026-04-04 13:37:01
(3 months ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ญ๐บ
szasa
2026-04-04 07:06:42
(3 months ago)
2026/04/04 09:06:41 [error] 2834230#2834230: *12031887 access forbidden by rule, client: 172.71.164. ...
show more
2026/04/04 09:06:41 [error] 2834230#2834230: *12031887 access forbidden by rule, client: 172.71.164.94, server: datamentor.hu, request: "GET /.git/HEAD HTTP/2.0", host: "datamentor.hu"
2026/04/04 09:06:41 [error] 2834230#2834230: *12031888 access forbidden by rule, client: 172.71.164.94, server: datamentor.hu, request: "GET /.git/index HTTP/2.0", host: "datamentor.hu"
2026/04/04 09:06:41 [error] 2834230#2834230: *12031887 access forbidden by rule, client: 172.71.164.94, server: datamentor.hu, request: "GET /backend/.env HTTP/2.0", host: "datamentor.hu"
2026/04/04 09:06:41 [error] 2834230#2834230: *12031887 access forbidden by rule, client: 172.71.164.94, server: datamentor.hu, request: "GET /api/.env HTTP/2.0", host: "datamentor.hu"
...
show less
Web App Attack
๐ฉ๐ช
Holger
2026-04-04 01:19:45
(3 months ago)
URL probing: GET /admin/.env
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 00:38:55
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.94 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 20:38:47.474188 2026] [security2:error] [pid 29274:tid 29274] [client 172.71.164.94:9903] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.jeanlouisdarville.com"] [uri "/.env.local"] [unique_id "adBdl02IB9hL8cqoXmsskAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-04-03 16:05:21
(3 months ago)
Scanning/Probing (14)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 14:35:43
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.164.94 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.164.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 10:35:37.156413 2026] [security2:error] [pid 30476:tid 30476] [client 172.71.164.94:13374] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.usbea.liftreading.com"] [uri "/.envrc"] [unique_id "ac_QORrGHLm4beiEUmaOowAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-04-03 12:17:04
(3 months ago)
Blocked Cloudflare Worker request. Pattern match "." at REQUEST_HEADERS:cf-worker. (5025-195)
Hacking