๐บ๐ธ
TPI-Abuse
2026-05-25 17:16:45
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 13:16:37.200222 2026] [security2:error] [pid 2333:tid 2333] [client 172.70.42.162:11666] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pleatpindrapes.sternscape.com"] [uri "/.env.local"] [unique_id "ahSD9fTnhQ-UeZK5RMK6HAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 02:35:22
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 22:35:14.767859 2026] [security2:error] [pid 9970:tid 9970] [client 172.70.42.162:14280] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "louisianamasons.anthonyjoseph.us"] [uri "/.env.old"] [unique_id "ac8nYqiTQeUUflJdfPpnDwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 22:10:03
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 18:09:53.743442 2026] [security2:error] [pid 15149:tid 15149] [client 172.70.42.162:11435] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fantasysportstherapy1.michaelward.com"] [uri "/.env2"] [unique_id "ac7pMdM0De-6FotOR7V7FQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 04:35:12
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 00:35:03.774600 2026] [security2:error] [pid 29013:tid 29147] [client 172.70.42.162:11683] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.oohrah.us"] [uri "/config/.env.local"] [unique_id "ac3x94vc5eNVkcDi9w_D1wAAAJA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 11:45:18
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 07:45:14.222611 2026] [security2:error] [pid 24907:tid 24907] [client 172.70.42.162:13056] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.oxfordgliding.com"] [uri "/.env.backup"] [unique_id "ac0FSkVfCgaQGgdLdY9CeAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 07:25:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 03:25:30.799735 2026] [security2:error] [pid 14768:tid 14768] [client 172.70.42.162:12418] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.protection4allsecurity.com"] [uri "/server/.env"] [unique_id "aczIamcgm5Wpw45vq7TvEgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-31 13:27:15
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 09:27:08.228794 2026] [security2:error] [pid 21991:tid 22002] [client 172.70.42.162:10311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lilapalooza.opticaldesignconcepts.com"] [uri "/.env.local"] [unique_id "acvLrOO9mt6DhtRylkeEkgAAAIc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-31 11:27:51
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 07:27:44.932576 2026] [security2:error] [pid 6526:tid 6526] [client 172.70.42.162:12958] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.gwenwaltersartrep.com"] [uri "/.env2"] [unique_id "acuvsC8M_5oNxSfp50y3JQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-31 08:45:32
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 04:45:25.430959 2026] [security2:error] [pid 1992:tid 1992] [client 172.70.42.162:12343] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "holgerfeld.internetnameregistration.com"] [uri "/admin/.env"] [unique_id "acuJpXqYayKoSeUQCVdgjAAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-31 07:55:59
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 03:55:41.091929 2026] [security2:error] [pid 2355:tid 2355] [client 172.70.42.162:11504] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.memrfixitok.com"] [uri "/srv/.env"] [unique_id "act9_WfaWgln1YAC_mXHlgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-31 04:15:22
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 00:15:16.902251 2026] [security2:error] [pid 1163:tid 1163] [client 172.70.42.162:12856] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.styxwetworld.com"] [uri "/.env.test"] [unique_id "actKVOcrFee2RQYiq7Bk_AAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-31 03:59:05
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 23:58:49.931233 2026] [security2:error] [pid 29777:tid 29777] [client 172.70.42.162:10829] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.franchiseconsultants.biz"] [uri "/.env.test"] [unique_id "actGeVkOduBHB5l-oZbJiwAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
acadeova
2026-03-23 22:07:27
(3 months ago)
๐จ Recon detected (nft drop)
SRC=172.70.42.162
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journ ...
show more
๐จ Recon detected (nft drop)
SRC=172.70.42.162
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
๐ฉ๐ช
acadeova
2026-03-11 19:10:05
(3 months ago)
๐จ Recon detected (nft drop)
SRC=172.70.42.162
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journ ...
show more
๐จ Recon detected (nft drop)
SRC=172.70.42.162
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
๐ฉ๐ช
acadeova
2026-02-22 10:56:13
(4 months ago)
๐จ Recon detected (nft drop)
SRC=172.70.42.162
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journ ...
show more
๐จ Recon detected (nft drop)
SRC=172.70.42.162
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan