Anonymous
2026-07-13 16:19:49
(1 day ago)
Aggressive web scan
Web App Attack
๐ฆ๐ฑ
router.al
2026-07-12 23:25:40
(2 days ago)
07/12/2026-23:25:38.569601 172.70.80.110 Protocol: 6 ET SCAN LeakIX Inbound User-Agent
Hacking
๐ฉ๐ช
www.mammazone.it
2026-07-11 16:46:06
(3 days ago)
[Sat Jul 11 18:46:05.789158 2026] [proxy_fcgi:error] [pid 1952016] [client 172.70.80.110:12409] AH01 ...
show more
[Sat Jul 11 18:46:05.789158 2026] [proxy_fcgi:error] [pid 1952016] [client 172.70.80.110:12409] AH01071: Got error 'Primary script unknown'
[Sat Jul 11 18:46:06.368336 2026] [proxy_fcgi:error] [pid 1952016] [client 172.70.80.110:12409] AH01071: Got error 'Primary script unknown'
...
show less
Hacking
๐ฉ๐ช
www.mammazone.it
2026-07-08 15:35:07
(6 days ago)
[Wed Jul 08 17:35:06.895480 2026] [proxy_fcgi:error] [pid 1224651] [client 172.70.80.110:11309] AH01 ...
show more
[Wed Jul 08 17:35:06.895480 2026] [proxy_fcgi:error] [pid 1224651] [client 172.70.80.110:11309] AH01071: Got error 'Primary script unknown'
[Wed Jul 08 17:35:07.343149 2026] [proxy_fcgi:error] [pid 1224651] [client 172.70.80.110:11309] AH01071: Got error 'Primary script unknown'
...
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-23 04:59:20
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.110 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 00:59:12.329900 2026] [security2:error] [pid 16415:tid 16415] [client 172.70.80.110:11910] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "marshdcs.com"] [uri "/.env.production"] [unique_id "ajoSoNbSVG_Mwgo7LjAitwAAABY"], referer: https://www.google.com/search?q=marshdcs.com
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-18 08:49:37
(3 weeks ago)
Aggressive web scan
Web App Attack
Anonymous
2026-06-16 11:54:37
(4 weeks ago)
Aggressive web scan
Web App Attack
๐ง๐ฌ
Stoyko Stoykov
2026-06-15 21:01:11
(4 weeks ago)
172.70.80.110 - - [16/Jun/2026:00:01:10 +0300] "GET /.env.stage HTTP/2.0" 404 1854 "-" "Mozilla/5.0 ...
show more
172.70.80.110 - - [16/Jun/2026:00:01:10 +0300] "GET /.env.stage HTTP/2.0" 404 1854 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36"
...
show less
Hacking
Web App Attack
๐ฉ๐ช
www.mammazone.it
2026-06-11 21:14:20
(1 month ago)
[Thu Jun 11 23:14:20.225235 2026] [proxy_fcgi:error] [pid 3762354] [client 172.70.80.110:11832] AH01 ...
show more
[Thu Jun 11 23:14:20.225235 2026] [proxy_fcgi:error] [pid 3762354] [client 172.70.80.110:11832] AH01071: Got error 'Primary script unknown'
[Thu Jun 11 23:14:20.465609 2026] [proxy_fcgi:error] [pid 3762354] [client 172.70.80.110:11832] AH01071: Got error 'Primary script unknown'
...
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-09 12:10:49
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.70.80.110 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.70.80.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:10:41.923858 2026] [security2:error] [pid 18060:tid 18060] [client 172.70.80.110:12389] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.gamedayincentives.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.gamedayincentives.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "aigCwWoEZUs8uprtxsEmMAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Axel
2026-06-09 06:02:02
(1 month ago)
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: ...
show more
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.env Server: UK-01
show less
Web App Attack
Hacking
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-06-08 12:41:26
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.70.80.110 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.70.80.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 08:41:21.839470 2026] [security2:error] [pid 20523:tid 20523] [client 172.70.80.110:11196] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.yourbrandhere.com|F|2"] [data "[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.yourbrandhere.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "aia4cepySgtzW7_w-BXu_AAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-25 15:56:47
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.70.80.110 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.70.80.110 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 11:56:40.926332 2026] [security2:error] [pid 21576:tid 21576] [client 172.70.80.110:11654] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.900west.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.900west.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ahRxOKHnFDXeQMGX3hYyiwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
www.mammazone.it
2026-05-21 18:03:13
(1 month ago)
[Thu May 21 20:03:12.982382 2026] [proxy_fcgi:error] [pid 763173] [client 172.70.80.110:9856] AH0107 ...
show more
[Thu May 21 20:03:12.982382 2026] [proxy_fcgi:error] [pid 763173] [client 172.70.80.110:9856] AH01071: Got error 'Primary script unknown'
...
show less
Hacking
Web App Attack
๐ฒ๐ฝ
octageeks.com
2026-05-18 04:06:42
(1 month ago)
Wordpress malicious attack:[octaflood]
Web App Attack