๐ท๐บ
DZBOT
2026-07-17 09:30:59
(8 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ซ๐ท
breubit
2026-07-17 09:06:27
(9 hours ago)
2.27.17.171 - - [17/Jul/2026:11:06:27 +0200] "GET /backup/.env HTTP/1.1" 403 4463 "-" "Mozilla/5.0 ( ...
show more
2.27.17.171 - - [17/Jul/2026:11:06:27 +0200] "GET /backup/.env HTTP/1.1" 403 4463 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 (Silvy X Ran; +https://silvyxran.love; +https://silver.inc)"
...
show less
Web App Attack
๐ฉ๐ช
raph
2026-07-17 08:59:52
(9 hours ago)
[DOT FILES] crawler *.env*, .git*, .config*, etc.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 08:18:44
(10 hours ago)
(mod_security) mod_security (id:210492) triggered by 2.27.17.171 (vm111293.it-garage.network): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2.27.17.171 (vm111293.it-garage.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 04:18:40.423823 2026] [security2:error] [pid 432143:tid 432143] [client 2.27.17.171:56362] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cherryblossomplayers.com"] [uri "/.env.production"] [unique_id "alnlYDKhFYrFxceVyb8mHAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
Burayot
2026-07-17 07:46:35
(10 hours ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 2.27.17.171 (US/United States/vm1112 ...
show more
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 2.27.17.171 (US/United States/vm111293.it-garage.network): 1 in the last 3600 secs
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 06:55:22
(11 hours ago)
(mod_security) mod_security (id:210492) triggered by 2.27.17.171 (vm111293.it-garage.network): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2.27.17.171 (vm111293.it-garage.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 02:55:15.487527 2026] [security2:error] [pid 393032:tid 393032] [client 2.27.17.171:43344] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "michaelward.com"] [uri "/.env.save"] [unique_id "alnR00HLve8c2oCaEkAxGQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
iNetWorker
2026-07-17 06:35:12
(11 hours ago)
trolling for resource vulnerabilities
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 06:06:53
(12 hours ago)
(mod_security) mod_security (id:210492) triggered by 2.27.17.171 (vm111293.it-garage.network): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2.27.17.171 (vm111293.it-garage.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 02:06:50.187131 2026] [security2:error] [pid 27520:tid 27520] [client 2.27.17.171:47104] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lanuevaley.com.labelrecord.com"] [uri "/.env.development"] [unique_id "alnGeihDZhnyQ3u2NYJjpgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 05:10:56
(13 hours ago)
(mod_security) mod_security (id:210492) triggered by 2.27.17.171 (vm111293.it-garage.network): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2.27.17.171 (vm111293.it-garage.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 01:10:47.910505 2026] [security2:error] [pid 15701:tid 15701] [client 2.27.17.171:55960] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scottwithers.net"] [uri "/.env~"] [unique_id "alm5V6AuuazRxK5SPwR6SgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 03:26:03
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 2.27.17.171 (vm111293.it-garage.network): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2.27.17.171 (vm111293.it-garage.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 23:25:58.495828 2026] [security2:error] [pid 9647:tid 9647] [client 2.27.17.171:43228] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.stonesandbones.theillustrator.net"] [uri "/.env.prod"] [unique_id "almgxlKUUky67ejw8bzU4wAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 02:57:47
(15 hours ago)
(mod_security) mod_security (id:210492) triggered by 2.27.17.171 (vm111293.it-garage.network): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2.27.17.171 (vm111293.it-garage.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 22:57:42.429964 2026] [security2:error] [pid 28091:tid 28091] [client 2.27.17.171:45796] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tttns.com"] [uri "/.env.local"] [unique_id "almaJqEKx4mSklA86bqUyAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฟ๐ฆ
conure
2026-07-17 02:52:16
(15 hours ago)
csagent: score 20.0: secrets grab x2; 1 domain(s) in 0s
Web App Attack
๐จ๐ฆ
polycoda
2026-07-17 02:42:38
(15 hours ago)
AutoBlock: ๐ฏ Vulnerability Scanner (Non Decay-Based) - โ Excessive 40X Errors (Decay-Based)
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 02:40:23
(15 hours ago)
(mod_security) mod_security (id:210492) triggered by 2.27.17.171 (vm111293.it-garage.network): 1 in ...
show more
(mod_security) mod_security (id:210492) triggered by 2.27.17.171 (vm111293.it-garage.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 22:40:15.636342 2026] [security2:error] [pid 30914:tid 30914] [client 2.27.17.171:49036] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dwars.net"] [uri "/web/.env"] [unique_id "almWD7vNLksJQCMJy8H_xgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-17 02:07:28
(16 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack