๐ฏ๐ต
Kinsei Engineering Inc.
2026-07-13 02:27:59
(11 hours ago)
UFW:High-frequency access to unused ports
Port Scan
๐ฏ๐ต
Kinsei Engineering Inc.
2026-06-21 17:54:44
(3 weeks ago)
UFW:High-frequency access to unused ports
Port Scan
๐บ๐ธ
TPI-Abuse
2026-03-29 22:49:09
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.115.239 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.115.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 18:49:01.956866 2026] [security2:error] [pid 32410:tid 32410] [client 172.70.115.239:10465] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kelting.net"] [uri "/public/.env"] [unique_id "acmsXWryaCK8l7JYduNQpwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-29 20:43:17
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.115.239 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.115.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 16:43:07.516657 2026] [security2:error] [pid 2564:tid 2564] [client 172.70.115.239:9635] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.michaelandkatie.us"] [uri "/var/www/.env"] [unique_id "acmO22-fdwPHncKDotCiIgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 08:05:57
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.115.239 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.115.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 04:05:50.711605 2026] [security2:error] [pid 12977:tid 12977] [client 172.70.115.239:11809] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.trhs70.com"] [uri "/.env"] [unique_id "abz_3jdHCZPiRCRsTPqT6AAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 07:35:25
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.115.239 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.115.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 03:35:09.799320 2026] [security2:error] [pid 12769:tid 12779] [client 172.70.115.239:13794] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.yourwitch.com"] [uri "/.env.tmp"] [unique_id "abz4rSzraiRPjSyRkKfPvwAAAUU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 05:32:44
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.115.239 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.115.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 01:32:38.967958 2026] [security2:error] [pid 2443:tid 2443] [client 172.70.115.239:10558] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ohanameetup.party"] [uri "/admin/.env"] [unique_id "abzb9uJmIgqrpBMzIDCOUwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 04:33:04
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.115.239 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.115.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 00:32:58.681529 2026] [security2:error] [pid 15837:tid 15837] [client 172.70.115.239:9272] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.cbrtome.cl"] [uri "/.env"] [unique_id "abzN-gFUA9Lhk2e05wIi0AAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 02:52:40
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.115.239 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.115.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 22:52:34.654360 2026] [security2:error] [pid 10845:tid 10845] [client 172.70.115.239:10989] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.osmanhc.com"] [uri "/.env.bak"] [unique_id "aby2cpX-gyBfMiXhIEUzaAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 02:14:34
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.115.239 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.115.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 22:14:30.874820 2026] [security2:error] [pid 10882:tid 10882] [client 172.70.115.239:13090] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.cromaki.com"] [uri "/.env.development"] [unique_id "abythr19a4_kxPI_unHPWAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 01:39:39
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.115.239 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.115.239 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 21:39:30.533358 2026] [security2:error] [pid 2689:tid 2689] [client 172.70.115.239:11824] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.mveitlogistics.com"] [uri "/backend/.env"] [unique_id "abylUs7fB4wy6e7olhdxtAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
Dunham Support
2025-12-07 15:09:19
(7 months ago)
(wordpress) Failed wordpress login from 172.70.115.239 (US/United States/-)
Brute-Force
Anonymous
2025-10-24 09:24:14
(8 months ago)
[Fri Oct 24 11:24:10.854248 2025] [authz_core:error] [pid 26964] [client 172.70.115.239:12379] AH016 ...
show more
[Fri Oct 24 11:24:10.854248 2025] [authz_core:error] [pid 26964] [client 172.70.115.239:12379] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Fri Oct 24 11:24:12.001638 2025] [authz_core:error] [pid 26964] [client 172.70.115.239:12379] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Fri Oct 24 11:24:13.192944 2025] [authz_core:error] [pid 26964] [client 172.70.115.239:12379] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
๐บ๐ธ
octageeks.com
2025-09-22 04:07:07
(9 months ago)
Wordpress malicious attack:[octablocked]
Web App Attack
Anonymous
2025-09-08 18:20:59
(10 months ago)
[Mon Sep 08 20:20:57.656794 2025] [authz_core:error] [pid 14775] [client 172.70.115.239:18562] AH016 ...
show more
[Mon Sep 08 20:20:57.656794 2025] [authz_core:error] [pid 14775] [client 172.70.115.239:18562] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Mon Sep 08 20:20:58.180544 2025] [authz_core:error] [pid 14775] [client 172.70.115.239:18562] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Mon Sep 08 20:20:58.528893 2025] [authz_core:error] [pid 14775] [client 172.70.115.239:18562] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack