๐ณ๐ฑ
COMPLEX
2026-07-03 02:35:22
(1 week ago)
Unsolicited TCP traffic | Action: DROP | Port 8443
Brute-Force
๐ฉ๐ช
acadeova
2026-06-14 06:29:36
(4 weeks ago)
๐จ Recon detected (nft drop)
SRC=172.70.34.28
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journa ...
show more
๐จ Recon detected (nft drop)
SRC=172.70.34.28
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
๐ฉ๐ช
acadeova
2026-05-31 18:02:11
(1 month ago)
๐จ Recon detected (nft drop)
SRC=172.70.34.28
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journa ...
show more
๐จ Recon detected (nft drop)
SRC=172.70.34.28
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-05-15 08:16:14
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.28 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.34.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 04:15:43.922642 2026] [security2:error] [pid 30971:tid 30971] [client 172.70.34.28:10015] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.moanddoyle.michaelprussin.com"] [uri "/.env.vercel"] [unique_id "agbWL320uuyMK05H9_pSagAAAAU"], referer: https://www.google.com/search?q=www.moanddoyle.michaelprussin.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-09 11:17:06
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.28 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.34.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 07:17:03.064381 2026] [security2:error] [pid 18440:tid 18440] [client 172.70.34.28:13345] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "theneighborswindow.com"] [uri "/.git/config"] [unique_id "af8Xr1P_T5D04e3tiEJiAAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
David Ferneding
2026-04-14 15:37:47
(2 months ago)
Blocked by UFW (TCP on 80)
Source port: 37459
TTL: 57
Packet length: 60
TOS: 0x00
This report (for ...
show more
Blocked by UFW (TCP on 80)
Source port: 37459
TTL: 57
Packet length: 60
TOS: 0x00
This report (for 172.70.34.28) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
Web App Attack
๐บ๐ธ
mnsf
2026-04-06 01:05:37
(3 months ago)
Scanning/Probing (23)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-04-05 00:05:18
(3 months ago)
Scanning/Probing (12)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-04-03 10:05:19
(3 months ago)
Scanning/Probing (11)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-03-31 07:05:28
(3 months ago)
Scanning/Probing (14)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 13:59:33
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.28 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.34.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 09:59:26.996353 2026] [security2:error] [pid 29875:tid 29875] [client 172.70.34.28:9564] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.jrpiano.com"] [uri "/.env.bak"] [unique_id "acqBvkCRKxgfHJxUoNCAFgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 06:33:43
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.28 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.34.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 02:33:40.892145 2026] [security2:error] [pid 29179:tid 29179] [client 172.70.34.28:11389] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.nothotmail.org"] [uri "/.env.dist"] [unique_id "acoZRAvJpDNaEjS9ZqG5xwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-03-30 06:06:09
(3 months ago)
Scanning/Probing (14)
Brute-Force
Web App Attack
๐บ๐ธ
Starburst SysOp Team
2026-03-30 03:22:53
(3 months ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-mnz6-1)
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 02:55:22
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.28 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.34.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 22:55:14.929017 2026] [security2:error] [pid 20483:tid 20483] [client 172.70.34.28:13189] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.billfried.net"] [uri "/private/.env"] [unique_id "acnmEiLTEhDmsN1tH7fwHAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack