๐บ๐ธ
mawan
2026-07-15 18:49:15
(12 hours ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
mawan
2026-07-11 11:09:02
(4 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ฏ๐ต
S.O.B.A. Dev.
2026-06-29 21:50:46
(2 weeks ago)
Persistent port scanning or vulnerability scanning
Port Scan
๐บ๐ธ
TPI-Abuse
2026-05-24 07:27:35
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.250.236 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.250.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 03:27:29.585309 2026] [security2:error] [pid 11014:tid 11014] [client 172.70.250.236:12779] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hiddentcgcards.com"] [uri "/.git/config"] [unique_id "ahKoYT7cvhkTBF3rm4DIGwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
trentwiles.com
2026-05-18 23:52:07
(1 month ago)
Unauthorized connection attempt detected from IP address 172.70.250.236 to port 80 [SYD]
Port Scan
๐บ๐ธ
TPI-Abuse
2026-05-11 02:39:30
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.250.236 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.250.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 10 22:39:20.617064 2026] [security2:error] [pid 31653:tid 31653] [client 172.70.250.236:14177] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.ruralroutes.ca"] [uri "/.env.local"] [unique_id "agFBWMZRgKmG7cI39QFBRAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-09 04:20:16
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.250.236 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.250.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 00:20:10.032131 2026] [security2:error] [pid 25305:tid 25305] [client 172.70.250.236:9796] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aboutio.com"] [uri "/.git/config"] [unique_id "af61-nfZN8fJJaXXbVzAAQAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-08 07:36:22
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.250.236 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.250.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 03:36:16.325097 2026] [security2:error] [pid 25994:tid 25994] [client 172.70.250.236:9336] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "businessvaluationapp.com"] [uri "/.git/config"] [unique_id "af2ScAjTV2fk04tjVBESoQAAAC0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
trentwiles.com
2026-05-01 03:57:08
(2 months ago)
Unauthorized connection attempt detected from IP address 172.70.250.236 to port 443 [SYD]
Port Scan
๐บ๐ธ
TPI-Abuse
2026-04-30 05:04:35
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.250.236 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.250.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 30 01:04:28.568646 2026] [security2:error] [pid 20210:tid 20210] [client 172.70.250.236:11151] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.internationalavionics.com"] [uri "/.git/config"] [unique_id "afLi3FISl9xehbhDzq1ztgAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
trentwiles.com
2026-04-29 01:09:47
(2 months ago)
Unauthorized connection attempt detected from IP address 172.70.250.236 to port 80 [SYD]
Port Scan
๐ฆ๐บ
trentwiles.com
2026-04-24 09:40:31
(2 months ago)
Unauthorized connection attempt detected from IP address 172.70.250.236 to port 80 [SYD]
Port Scan
๐บ๐ธ
TPI-Abuse
2026-04-23 08:52:29
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.250.236 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.250.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 23 04:52:21.163233 2026] [security2:error] [pid 29199:tid 29199] [client 172.70.250.236:10916] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "carolinafootprints.com"] [uri "/.git/config"] [unique_id "aendxUAyqef5_doiVDEe1wAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Sรฉfora Srl
2026-04-22 09:01:59
(2 months ago)
Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache ...
show more
Bad user agents ignoring web crawling rules. Draing bandwidth - detected by Fail2Ban in plesk-apache-badbot jail
show less
Bad Web Bot
Anonymous
2026-04-08 14:05:09
(3 months ago)
WAF repeated trigger detected by Fail2Ban
Web App Attack