π―π΅
S.O.B.A. Dev.
2026-07-03 06:29:13
(5 hours ago)
Persistent port scanning or vulnerability scanning
Port Scan
πΊπΈ
TPI-Abuse
2026-06-30 13:10:29
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 09:10:25.251854 2026] [security2:error] [pid 8170:tid 8170] [client 172.70.80.65:9267] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.militaryordnance.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.militaryordnance.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "akPAQScY_FVk9OCiE6jnFwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-08 15:15:29
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 11:15:22.657494 2026] [security2:error] [pid 2717506:tid 2717506] [client 172.70.80.65:13271] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.humans2humans.org"] [uri "/.env.production"] [unique_id "adZxCmLmA3-2FVlme60urwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-06 21:22:22
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 17:22:14.262988 2026] [security2:error] [pid 266299:tid 266310] [client 172.70.80.65:10501] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lasertagandgames.lasertagmetairie.com"] [uri "/.env.local"] [unique_id "adQkBjZLZQaWcVRBm4SzBAAAAQY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-06 17:43:14
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 13:43:06.238163 2026] [security2:error] [pid 654523:tid 654523] [client 172.70.80.65:12472] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.ycrlbasketball.com"] [uri "/.env.production"] [unique_id "adPwqpraAmniLumIzWE2EQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-06 15:12:00
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 11:11:51.831562 2026] [security2:error] [pid 186531:tid 186531] [client 172.70.80.65:9283] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.confidantservice.com"] [uri "/.env.old"] [unique_id "adPNN5-TpMC4ya94CmL00QAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-06 06:30:45
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 02:30:36.212548 2026] [security2:error] [pid 16493:tid 16493] [client 172.70.80.65:11662] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "astariafilms.com"] [uri "/.env.old"] [unique_id "adNTDGAIqqwIYuA_jJ2M3AAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-06 05:06:33
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 01:06:26.383292 2026] [security2:error] [pid 3856:tid 3910] [client 172.70.80.65:12154] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "michaelmercier.com"] [uri "/.env.tmp"] [unique_id "adM_UhyhMWrYH3b-yVGPzwAAAQ0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-06 01:15:35
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 21:15:30.801657 2026] [security2:error] [pid 30900:tid 30900] [client 172.70.80.65:14326] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "entertainmentcapitol.com"] [uri "/.env.save"] [unique_id "adMJMsC2a4XAFRB7PRBzlQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-05 18:49:49
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 14:49:42.270849 2026] [security2:error] [pid 10854:tid 10854] [client 172.70.80.65:13620] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.afdfurniture.com"] [uri "/docker/.env"] [unique_id "adKuxm_kgyoZTBKgI719rQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-05 17:24:38
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 13:24:35.356075 2026] [security2:error] [pid 1478:tid 1491] [client 172.70.80.65:13632] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.visionforandfromchildren.org"] [uri "/.git/refs/heads/master"] [unique_id "adKa0_gFcKsxwRy6UYAhnQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-05 17:04:59
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 13:04:52.068056 2026] [security2:error] [pid 2458:tid 2458] [client 172.70.80.65:13755] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.platinumkissband.com"] [uri "/.env.tmp"] [unique_id "adKWNJbILa_cbzDjPafnAAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-05 12:58:28
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 08:58:23.347676 2026] [security2:error] [pid 19164:tid 19176] [client 172.70.80.65:10779] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "internationalbusinessschool.org"] [uri "/.envrc"] [unique_id "adJcb8aqZF-NvoaxaEh5KAAAAIY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-04 21:35:34
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 17:35:28.862242 2026] [security2:error] [pid 3357:tid 3357] [client 172.70.80.65:9925] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.test.twilighthackers.com"] [uri "/.env.old"] [unique_id "adGEIAwAMOHmWQ2tGcvDXwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-04 17:48:44
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 13:48:36.340433 2026] [security2:error] [pid 7387:tid 7387] [client 172.70.80.65:10362] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.transportdelivery.com"] [uri "/.env.local"] [unique_id "adFO9BSEPZD1ZGOgMPu-xgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack