๐ซ๐ท
tavis.page
2026-05-18 06:22:18
(1 month ago)
Blocked by UFW on server [443/tcp]
Source port: 13282
TTL: 55
Packet length: 60
TOS: 0x00
This repo ...
show more
Blocked by UFW on server [443/tcp]
Source port: 13282
TTL: 55
Packet length: 60
TOS: 0x00
This report was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-05-15 09:37:24
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 05:37:02.565110 2026] [security2:error] [pid 26592:tid 26592] [client 172.70.175.167:12437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trinidadlimo.com"] [uri "/.env.php"] [unique_id "agbpPkfOssvnEEnjdm5_QAAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-05-14 22:06:37
(1 month ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-13.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-14 10:16:01
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 14 06:15:56.753679 2026] [security2:error] [pid 28174:tid 28174] [client 172.70.175.167:12431] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.darrow.biz"] [uri "/.env.local"] [unique_id "agWg3Boh80qmqdIjTVCLpQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
COMPLEX
2026-04-07 00:46:57
(3 months ago)
Unsolicited TCP traffic | Action: DROP | Port 8443
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-04-06 03:01:34
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 23:01:25.853876 2026] [security2:error] [pid 16776:tid 16776] [client 172.70.175.167:10319] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.30daysout.com"] [uri "/.env.test"] [unique_id "adMiBVa265YMOx5p7-9MXQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 12:32:14
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 08:32:08.680777 2026] [security2:error] [pid 21985:tid 21985] [client 172.70.175.167:12490] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.woodburymeadows.org.sailyourkayak.com"] [uri "/.env.tmp"] [unique_id "adEEyPilADo0FyGcfegYKgAAADY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 19:19:16
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 15:19:08.651562 2026] [security2:error] [pid 28229:tid 28244] [client 172.70.175.167:13352] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maritimeclinic.net"] [uri "/backend/.env"] [unique_id "adASrPePvtlP4rMcjAg_jwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 17:54:40
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 13:54:34.408127 2026] [security2:error] [pid 22512:tid 22512] [client 172.70.175.167:11884] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "specialtycomputer.com"] [uri "/.git/refs/heads/main"] [unique_id "ac_-2v2m0ed3jvJGlMqkRAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 15:28:50
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 11:28:41.891681 2026] [security2:error] [pid 24638:tid 24638] [client 172.70.175.167:13033] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.cormanleigh.com"] [uri "/.env.old"] [unique_id "ac_cqcOmCDyF-jLJ20RGAgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 06:38:09
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 02:38:04.243844 2026] [security2:error] [pid 11775:tid 11775] [client 172.70.175.167:12114] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.securityzonepr.com"] [uri "/.env.docker"] [unique_id "ac9gTEADMPKtp7Fo2vQv1wAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 02:14:56
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 22:14:48.994759 2026] [security2:error] [pid 17098:tid 17098] [client 172.70.175.167:12019] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.insidepublications.com"] [uri "/.env"] [unique_id "ac8imGk5W9tUtXRy7uxCYgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 01:17:09
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 21:17:04.398298 2026] [security2:error] [pid 5955:tid 5955] [client 172.70.175.167:10958] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.rjdyckarchitect.com"] [uri "/.env.prod"] [unique_id "ac8VEKCLbzTNGXukVRSpTgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 17:22:51
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 13:22:45.758051 2026] [security2:error] [pid 18222:tid 18222] [client 172.70.175.167:11533] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.mountainjaytherapy.com"] [uri "/public/.env"] [unique_id "ac6l5fLI3ATMImNtDwVNvQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 13:26:57
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 09:26:54.968158 2026] [security2:error] [pid 10018:tid 10018] [client 172.70.175.167:10749] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.hawaiiantime.com"] [uri "/public/.env"] [unique_id "ac5untJGxiKR4mC09lr4_AAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack