๐บ๐ธ
TPI-Abuse
2026-07-15 08:53:32
(23 hours ago)
(mod_security) mod_security (id:210730) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 04:53:26.931157 2026] [security2:error] [pid 20705:tid 20813] [client 172.70.50.156:12727] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.juantrece.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.juantrece.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "aldKhmkEk6RZCKs0BjICTgAAAhg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 18:09:04
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 14:08:59.699280 2026] [security2:error] [pid 20095:tid 20095] [client 172.70.50.156:12228] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.naturalacu.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.naturalacu.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "akapO6tpgy6B8mqirVztawAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
abdubhai
2026-06-16 14:08:36
(4 weeks ago)
172.70.50.156 - - [16/Jun/2026:1
...
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-05-20 11:37:54
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 07:37:46.943806 2026] [security2:error] [pid 17294:tid 17294] [client 172.70.50.156:11343] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.asdfwordpro.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.asdfwordpro.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ag2dCixIZ_6lcI6Cpm7b7QAAACI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
trentwiles.com
2026-05-04 20:47:47
(2 months ago)
Unauthorized connection attempt detected from IP address 172.70.50.156 to port 80 [SYD]
Port Scan
Anonymous
2026-04-14 13:22:44
(3 months ago)
[Tue Apr 14 15:22:43.440186 2026] [authz_core:error] [pid 28335] [client 172.70.50.156:14016] AH0163 ...
show more
[Tue Apr 14 15:22:43.440186 2026] [authz_core:error] [pid 28335] [client 172.70.50.156:14016] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Tue Apr 14 15:22:43.562517 2026] [authz_core:error] [pid 28335] [client 172.70.50.156:14016] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Tue Apr 14 15:22:43.723453 2026] [authz_core:error] [pid 28335] [client 172.70.50.156:14016] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-09 00:26:38
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 20:26:33.310111 2026] [security2:error] [pid 3345434:tid 3345434] [client 172.70.50.156:11834] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "corporatepedals.vanemby.com"] [uri "/.env.development"] [unique_id "adbyOaBu5f3j90M0qa6crgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 07:17:13
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 03:17:08.273431 2026] [security2:error] [pid 136448:tid 136448] [client 172.70.50.156:9523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.arabou.co"] [uri "/.env.test"] [unique_id "adYA9IDYDEC3lQV1IbIIIAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 05:45:14
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 01:45:07.997309 2026] [security2:error] [pid 1949513:tid 1949513] [client 172.70.50.156:12242] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.pintoresdecasascdmx.com"] [uri "/.env.php"] [unique_id "adXrY5urTY9R6VE2T2WJ8AAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 07:30:12
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 03:30:03.975369 2026] [security2:error] [pid 1138962:tid 1138962] [client 172.70.50.156:13215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sandboxspeech.org"] [uri "/.env.container"] [unique_id "adSyeyiSJFNrbXL_XGkshQAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-06 05:05:25
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 01:05:15.818660 2026] [security2:error] [pid 16773:tid 16773] [client 172.70.50.156:13165] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.semisysteme.com"] [uri "/.env.old"] [unique_id "adM_C6zB9pdEWGzeefm7xwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 11:19:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 07:19:33.005272 2026] [security2:error] [pid 27039:tid 27039] [client 172.70.50.156:13909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.teghekatu24.am"] [uri "/.env.production"] [unique_id "adJFRQh80-7n4n2T95DgfwAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 05:57:02
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 01:56:45.810755 2026] [security2:error] [pid 27745:tid 27745] [client 172.70.50.156:11520] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.new-bethel-baptist-church.com"] [uri "/.env.dev"] [unique_id "adH5nf4nQOdmpoA-_ws8BAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 02:11:07
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 22:11:00.248739 2026] [security2:error] [pid 18167:tid 18167] [client 172.70.50.156:9259] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.bwill.dev"] [uri "/.env.local"] [unique_id "adHEtAPbWB1bdNwzIcYihQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 01:51:31
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.50.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 21:51:23.253249 2026] [security2:error] [pid 4330:tid 4330] [client 172.70.50.156:11213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.antoniocobo.com"] [uri "/.env"] [unique_id "adHAGwNgjtLGbihKPpjQIQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack