๐บ๐ธ
TPI-Abuse
2026-07-13 17:59:16
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 13:59:10.788975 2026] [security2:error] [pid 7207:tid 7207] [client 172.71.120.69:9679] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.taacorp.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.taacorp.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "alUnbvTIyY3J6vy72ZXl3wAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 12:01:14
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 08:01:09.352778 2026] [security2:error] [pid 21942:tid 21942] [client 172.71.120.69:11989] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "deltad.net"] [uri "/.env.dist"] [unique_id "ajaBBW4XPbNHlw3PaknC5gAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Sรฉfora Srl
2026-06-17 06:02:29
(1 month ago)
Failed attempt detected by Fail2Ban in plesk-wordpress jail
Web App Attack
๐บ๐ธ
mnsf
2026-06-11 18:05:29
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-05 14:32:05
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 05 10:32:02.365672 2026] [security2:error] [pid 8844:tid 8844] [client 172.71.120.69:11977] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.csme-eprr.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.csme-eprr.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "afn_YgN_rNlCQHDn_r6czAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ป๐ณ
cimee
2026-04-26 06:56:56
(2 months ago)
This IP accessed the path /.env.example, which is banned.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 15:56:42
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 11:56:34.897251 2026] [security2:error] [pid 3973629:tid 3973629] [client 172.71.120.69:13159] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "actionrev.mainstreetofficesuites.com"] [uri "/.env.dev"] [unique_id "adZ6sj48hmiuDPCNFkmw8gAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 18:27:51
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 14:27:44.159311 2026] [security2:error] [pid 2322:tid 2344] [client 172.71.120.69:9756] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.velatorioslucenses.com"] [uri "/.env.production"] [unique_id "adKpoExT2A2xEqbEzsRB2AAAAVQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 03:12:41
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 23:12:30.661043 2026] [security2:error] [pid 22711:tid 22711] [client 172.71.120.69:9717] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.unilabkenya.com"] [uri "/.env.production.local"] [unique_id "adHTHmm1G1Sd7AiAt6OwUwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 00:59:17
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 20:59:09.435059 2026] [security2:error] [pid 13805:tid 13805] [client 172.71.120.69:10310] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.goseethenurse.com"] [uri "/public/.env"] [unique_id "adGz3X0_8Zv1oGxZvhEMPwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 17:51:44
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 13:51:37.451796 2026] [security2:error] [pid 22614:tid 22614] [client 172.71.120.69:12322] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.pinhole.us"] [uri "/srv/.env"] [unique_id "adFPqSqdJSU0Hwzuh9yQPwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 16:55:11
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 12:55:03.250906 2026] [security2:error] [pid 22925:tid 23040] [client 172.71.120.69:10653] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.julianositalianrestaurant.com"] [uri "/api/.env"] [unique_id "adFCZ_aBUzI0kKhpoYxCqQAAAIU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 15:41:37
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 11:41:32.210269 2026] [security2:error] [pid 11642:tid 11642] [client 172.71.120.69:14140] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sidkha.com"] [uri "/.env.development.local"] [unique_id "adExLFo3tK0dZKHFd-8k5gAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 12:51:48
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 08:51:40.993449 2026] [security2:error] [pid 15038:tid 15038] [client 172.71.120.69:9426] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.salazartransfers.com"] [uri "/.env2"] [unique_id "adEJXLYO4gdd6DeRzSkTLwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 12:19:49
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.120.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 08:19:42.027639 2026] [security2:error] [pid 9098:tid 9098] [client 172.71.120.69:13785] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.bakerimaging.com"] [uri "/root/.env"] [unique_id "adEB3stsCiVOQGG1ZPtHegAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack