๐ฏ๐ต
S.O.B.A. Dev.
2026-05-09 01:11:23
(2 months ago)
Persistent port scanning or vulnerability scanning
Port Scan
๐บ๐ธ
TPI-Abuse
2026-04-04 09:15:48
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 05:15:41.814602 2026] [security2:error] [pid 17309:tid 17309] [client 172.71.222.164:9283] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.landjudging.com"] [uri "/root/.env"] [unique_id "adDWvTTIEdfFzZIV4AYUsgAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 00:21:28
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 20:21:22.766651 2026] [security2:error] [pid 2717:tid 2717] [client 172.71.222.164:9489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.hawaiireservations.com.kh6jim.com"] [uri "/.env"] [unique_id "adBZgu5hljYxwDweT4xdBQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 16:20:20
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 12:20:14.759826 2026] [security2:error] [pid 2308:tid 2308] [client 172.71.222.164:11124] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.bizzmail.net"] [uri "/.env.dev.local"] [unique_id "ac_ovubSB6obPZtcleRsxgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 15:43:16
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 11:43:11.215896 2026] [security2:error] [pid 23484:tid 23484] [client 172.71.222.164:13581] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.agirlwithaguitar.com"] [uri "/www/.env"] [unique_id "ac6Oj2Bg8la-PicOVF3LXAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 07:42:02
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 03:41:57.237012 2026] [security2:error] [pid 22369:tid 22369] [client 172.71.222.164:9463] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.chinakingdom.hk"] [uri "/admin/.env"] [unique_id "ac4dxTeI6ypVqCEH5Qe-rwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 20:08:50
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 16:08:45.785777 2026] [security2:error] [pid 11785:tid 11785] [client 172.71.222.164:9297] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.colbygrenier.com"] [uri "/api/.env"] [unique_id "ac17TXKgt5N7A1Asrx-DUgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 19:53:17
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 15:53:07.731811 2026] [security2:error] [pid 29987:tid 29987] [client 172.71.222.164:11611] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "starfrontiers.f4fbbs.com"] [uri "/.env.bak"] [unique_id "ac13oyX-wz8cdqMUcwDobgAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 16:00:46
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 12:00:40.138592 2026] [security2:error] [pid 10214:tid 10214] [client 172.71.222.164:11452] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.limobustacoma.com"] [uri "/.env_backup"] [unique_id "ac1BKOSVSHliSrQ2HVoPEgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 09:53:29
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 05:53:25.199674 2026] [security2:error] [pid 24208:tid 24208] [client 172.71.222.164:10540] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.swaincustomdesigns.com"] [uri "/.env_secret"] [unique_id "aczrFYQfHZC1ykeB_t31ZAAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 08:20:45
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 04:20:41.317409 2026] [security2:error] [pid 28663:tid 28663] [client 172.71.222.164:13236] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bestnebraskadetective.com"] [uri "/.env.local"] [unique_id "aczVWVeMppoXAFdHHLbU2wAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 05:17:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 01:17:31.900087 2026] [security2:error] [pid 18652:tid 18652] [client 172.71.222.164:12450] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.chubat.com"] [uri "/backend/.env"] [unique_id "acyqa1pp5XVsBADUaiKh5AAAAC8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 02:23:00
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 22:22:55.880772 2026] [security2:error] [pid 1975:tid 1975] [client 172.71.222.164:12362] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.ridgecrestrealtors.com"] [uri "/.env"] [unique_id "acyBf2fHjQPKRYzIM6OUCQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 02:05:50
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 22:05:45.549328 2026] [security2:error] [pid 18349:tid 18349] [client 172.71.222.164:10013] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bamedica.com"] [uri "/.env.example"] [unique_id "acx9ec7req9oxt0ZWuck-AAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 01:34:56
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 21:34:46.243191 2026] [security2:error] [pid 16705:tid 16709] [client 172.71.222.164:13869] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.condo.management"] [uri "/.env.development"] [unique_id "acx2NgmH-GiTqE8jLajXowAAAIA"]
show less
Brute-Force
Bad Web Bot
Web App Attack