๐ซ๐ท
tavis.page
2026-05-18 06:50:18
(1 month ago)
Blocked by UFW on server [443/tcp]
Source port: 12905
TTL: 55
Packet length: 60
TOS: 0x00
This repo ...
show more
Blocked by UFW on server [443/tcp]
Source port: 12905
TTL: 55
Packet length: 60
TOS: 0x00
This report was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-05-15 08:46:01
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 04:45:50.066840 2026] [security2:error] [pid 17847:tid 17882] [client 172.70.175.82:11719] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "landmarkocchealth.com"] [uri "/.env.development.local"] [unique_id "agbdPkUzPAqlg5pCjSPuIQAAAFQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
acadeova
2026-04-10 12:39:21
(2 months ago)
๐จ Recon detected (nft drop)
SRC=172.70.175.82
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journ ...
show more
๐จ Recon detected (nft drop)
SRC=172.70.175.82
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
Anonymous
2026-04-07 20:19:49
(3 months ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 04:41:52
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 00:41:43.317709 2026] [security2:error] [pid 12420:tid 12420] [client 172.70.175.82:9548] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.80corvette.com"] [uri "/.env1"] [unique_id "adCWh2S_qsVx3rAF1NIrdwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 00:18:50
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 20:18:39.380293 2026] [security2:error] [pid 31945:tid 31945] [client 172.70.175.82:12034] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.esmital.cl"] [uri "/var/www/.env"] [unique_id "adBY3_p7gPeIVDp3VAl4KQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 19:34:46
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 15:34:36.360083 2026] [security2:error] [pid 329:tid 329] [client 172.70.175.82:13579] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.johnrobinsonconsulting.com"] [uri "/.env"] [unique_id "adAWTMLeWeZviQ5fi-VWrwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 17:35:16
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 13:35:12.883494 2026] [security2:error] [pid 2373:tid 2373] [client 172.70.175.82:14040] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web-sitebuilder.com.convoyforkids.com"] [uri "/site/.env"] [unique_id "ac_6UKkz4W2HEm9aofbwIQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 13:17:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 09:17:29.344248 2026] [security2:error] [pid 20822:tid 20822] [client 172.70.175.82:13661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.darkestdaysclan.com"] [uri "/config/.env"] [unique_id "ac-96c8sBQW07Wd6mZp8GwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 05:02:48
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 01:02:39.233869 2026] [security2:error] [pid 7725:tid 7725] [client 172.70.175.82:9720] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.jonathanfriend.com"] [uri "/.env.dev"] [unique_id "ac9J7-BPcVBog3Sq0ePuTQAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 11:57:14
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 07:57:09.779138 2026] [security2:error] [pid 3517:tid 3534] [client 172.70.175.82:11898] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.ethicmark.org"] [uri "/.env.dev"] [unique_id "ac5ZlScf1PKtRkaJdUD3-AAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 09:15:58
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 05:15:50.103384 2026] [security2:error] [pid 19838:tid 19838] [client 172.70.175.82:12195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.hppagewideflorida.com"] [uri "/.env.staging"] [unique_id "acziRvxL7M2PRZCFBxHxPQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 06:33:29
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 02:33:22.962078 2026] [security2:error] [pid 19395:tid 19395] [client 172.70.175.82:9606] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.mumawvickers.com"] [uri "/.env.dist"] [unique_id "acy8MsARWX6aolJ6xEREwgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 05:38:50
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 01:38:42.840092 2026] [security2:error] [pid 4405:tid 4405] [client 172.70.175.82:11779] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.curriergallery.com"] [uri "/.env.json"] [unique_id "acyvYvcK8QpZcFRS7yUjEQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-31 16:04:49
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.175.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 12:04:36.594486 2026] [security2:error] [pid 13332:tid 13332] [client 172.70.175.82:10956] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.urbnet.com"] [uri "/public/.env"] [unique_id "acvwlOdKkSwG7cWVUkuy_AAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack