๐ฉ๐ช
Admins@FBN
2026-07-08 00:24:09
(1 day ago)
FW-PortScan: Traffic Blocked srcport=12308 dstport=443
Port Scan
Anonymous
2026-07-06 00:34:06
(3 days ago)
suricata IPS/IDS detection, ruleset ET SCAN Bing Webcrawler User-Agent (BingBot)
Port Scan
๐จ๐ญ
backslash
2026-06-21 08:18:00
(2 weeks ago)
block ruleset bad bot: misc bad content F608233CC4C86EE814CE8DDDA9C4A0D3C79882F6
Bad Web Bot
๐ณ๐ฑ
homeshowdomain.nl
2026-05-14 22:06:55
(1 month ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-13.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-09 19:41:20
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 15:41:15.267322 2026] [security2:error] [pid 28023:tid 28023] [client 172.70.42.40:12929] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stevedemers.com"] [uri "/.git/config"] [unique_id "af-N2-fFvQ0njc8rmIBs2gAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 21:53:38
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 17:53:31.767754 2026] [security2:error] [pid 10141:tid 10177] [client 172.70.42.40:10820] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.philacentric.com"] [uri "/admin/.env"] [unique_id "ac7lW4JgizknemEriLtYdwAAAQA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 06:49:59
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 02:49:50.294552 2026] [security2:error] [pid 18104:tid 18104] [client 172.70.42.40:10519] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.thewhoscountingband.com"] [uri "/.git/refs/heads/main"] [unique_id "ac4RjhubK6wIpJF6VVtdzwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 20:35:35
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 16:35:30.423424 2026] [security2:error] [pid 8542:tid 8542] [client 172.70.42.40:13099] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.qualityelevatorcabs.com"] [uri "/.env.dist"] [unique_id "ac2BkiKH3G2sWxbxZnfz_AAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 18:01:13
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 14:01:10.513266 2026] [security2:error] [pid 7935:tid 7935] [client 172.70.42.40:13080] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caminorfoundation.org"] [uri "/.env.docker"] [unique_id "ac1dZiXotWhNZsqefupfVgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 17:36:48
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 13:36:40.229555 2026] [security2:error] [pid 4279:tid 4279] [client 172.70.42.40:13540] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.hardemancountyjournal.com"] [uri "/.env_config"] [unique_id "ac1XqI8qn6wnenDfNLKesAAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 07:38:20
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 03:38:11.596221 2026] [security2:error] [pid 19331:tid 19331] [client 172.70.42.40:11519] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.aykonak.com.qcyprus.com"] [uri "/config/.env.local"] [unique_id "aczLY9_psjdlSfYHNNXqeAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 07:22:41
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 03:22:36.767391 2026] [security2:error] [pid 14765:tid 14765] [client 172.70.42.40:11140] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.protection4allsecurity.com"] [uri "/admin/.env"] [unique_id "aczHvIVqiIJ70T5QqmLSoQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 06:27:53
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 02:27:46.293355 2026] [security2:error] [pid 12084:tid 12084] [client 172.70.42.40:13275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.valueproducersalliance.org"] [uri "/backend/.env"] [unique_id "acy64vfTKA5n-1P7UAEb7wAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 05:00:16
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 01:00:09.624920 2026] [security2:error] [pid 19982:tid 19982] [client 172.70.42.40:9703] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.amybeam.com"] [uri "/.env_settings"] [unique_id "acymWUshppijR2CR0EzYbQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 00:18:42
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.42.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 20:18:36.005066 2026] [security2:error] [pid 23880:tid 23880] [client 172.70.42.40:12494] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.digitalmarketing-group.com"] [uri "/.env.old"] [unique_id "acxkXKhWat49VieDjmmvXQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack