๐บ๐ธ
TPI-Abuse
2026-07-02 23:29:56
(6 hours ago)
(mod_security) mod_security (id:210730) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 19:29:51.164513 2026] [security2:error] [pid 11899:tid 11899] [client 172.70.80.70:13258] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.zendogenpets.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.zendogenpets.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "akb0bz7MG9t3jhLLs3m4xwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mawan
2026-06-27 03:32:51
(6 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
mawan
2026-06-25 22:49:32
(1 week ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 00:02:37
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 20:02:29.514078 2026] [security2:error] [pid 31164:tid 31164] [client 172.70.80.70:11645] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.heavenwny.com|F|2"] [data "[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.heavenwny.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ajxwFeKpeN6Y0ps-HYV5xgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mawan
2026-06-23 11:07:42
(1 week ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ฉ๐ช
Prodscape
2026-06-19 13:12:35
(1 week ago)
*Port Scan* detected from 172.70.80.70 (CA/Canada/-). 10 hits in the last 110 seconds; Ports: *; Dir ...
show more
*Port Scan* detected from 172.70.80.70 (CA/Canada/-). 10 hits in the last 110 seconds; Ports: *; Direction: in; Trigger: PS_LIMIT
show less
Port Scan
๐บ๐ธ
mawan
2026-06-15 22:33:39
(2 weeks ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-26 14:16:27
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 10:16:21.054369 2026] [security2:error] [pid 20703:tid 20703] [client 172.70.80.70:13964] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.seizetheseason.com|F|2"] [data "[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.seizetheseason.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ahWrNRI2khuPa7JLnfxJUgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-20 21:54:42
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 17:54:36.826256 2026] [security2:error] [pid 29441:tid 29441] [client 172.70.80.70:12651] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.wolfmachine.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.wolfmachine.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ag4tnC_RRVACOvvSZkWnIwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-19 09:42:05
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 19 05:42:01.077252 2026] [security2:error] [pid 11201:tid 11201] [client 172.70.80.70:14025] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.heavenwny.com|F|2"] [data "[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.heavenwny.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "agwwac8ULDm_jiv1j-R1JAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 23:42:16
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 19:42:09.506700 2026] [security2:error] [pid 3091931:tid 3091931] [client 172.70.80.70:12551] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ai.panmaneecnc.com"] [uri "/.env.local"] [unique_id "adbn0QLsi14UNCFA3Nu1AwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 11:54:47
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 07:54:42.295569 2026] [security2:error] [pid 2606251:tid 2606251] [client 172.70.80.70:10763] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.bywaterpress.com"] [uri "/.env1"] [unique_id "adZCAnmF_Nfwr2VjzZZhUQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 02:29:22
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 22:29:18.518891 2026] [security2:error] [pid 1800486:tid 1800486] [client 172.70.80.70:11959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.7bsuperfruit.com"] [uri "/backend/.env"] [unique_id "adW9fpxUAwaAD7f2N9aDPAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 20:51:13
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 16:51:06.344921 2026] [security2:error] [pid 2336877:tid 2336877] [client 172.70.80.70:11362] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.miyabi-classicalacupuncture.com"] [uri "/.env.json"] [unique_id "adVuOrCqJqpZ98Seu8eH7wAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-07 15:22:10
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.80.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 07 11:22:04.187846 2026] [security2:error] [pid 1781567:tid 1781567] [client 172.70.80.70:9636] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.hisfavorite.net"] [uri "/.env.backup"] [unique_id "adUhHMroL8oanHEzXIi6_QAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack