Anonymous
2026-07-02 10:33:24
(18 hours ago)
suricata IPS/IDS detection, ruleset ET SCAN Bing Webcrawler User-Agent (BingBot)
Port Scan
πΊπΈ
TPI-Abuse
2026-05-15 06:38:48
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 02:37:25.338367 2026] [security2:error] [pid 3351:tid 3351] [client 172.71.222.18:10809] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.dekosh.koshland.us|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.dekosh.koshland.us"] [uri "/config/master.key"] [unique_id "aga_JYWGO4Q793dY4zNvBAAAAC0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-09 15:42:27
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 11:42:21.569678 2026] [security2:error] [pid 12869:tid 12869] [client 172.71.222.18:10066] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wmodradio.com"] [uri "/.git/config"] [unique_id "af9V3Wd8YZlcBu24YfxNzAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-03 08:38:04
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 04:37:58.115951 2026] [security2:error] [pid 12488:tid 12488] [client 172.71.222.18:12181] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.rendermatrix.com"] [uri "/.env.backup"] [unique_id "ac98ZlVJ5dngMC9BKbOMmQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-03 08:15:52
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 04:15:48.421850 2026] [security2:error] [pid 19373:tid 19373] [client 172.71.222.18:13866] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.tannersvilleworks.com"] [uri "/.env.test"] [unique_id "ac93NO3b9AgteDtCUbmoKAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-03 07:03:10
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 03:03:04.125000 2026] [security2:error] [pid 29320:tid 29320] [client 172.71.222.18:13376] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.bigheartskitchen.net"] [uri "/.envrc"] [unique_id "ac9mKMwTKzDaEIPEuc0LNwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-03 05:11:36
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 01:11:28.701818 2026] [security2:error] [pid 21367:tid 21367] [client 172.71.222.18:9712] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.aiamur.com"] [uri "/.env.production.local"] [unique_id "ac9MADyEZFXG61xm4LscwwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-03 03:26:11
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 23:26:03.785210 2026] [security2:error] [pid 27133:tid 27133] [client 172.71.222.18:13172] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gallery.pcoecsi.com"] [uri "/.env_settings"] [unique_id "ac8zS-a3k37v3GbeqJ_CLQAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-02 19:03:49
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 15:03:43.544138 2026] [security2:error] [pid 23311:tid 23311] [client 172.71.222.18:13826] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.stoneageartifacts.com"] [uri "/.env.bak"] [unique_id "ac69j1Gc6BSabH0racxmJQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-02 18:46:25
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 14:46:18.215469 2026] [security2:error] [pid 20255:tid 20255] [client 172.71.222.18:9880] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.reimaginingchess.com"] [uri "/.env.production"] [unique_id "ac65esTFoarFyU3q0LTPbAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-02 16:24:35
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 12:24:30.645149 2026] [security2:error] [pid 31261:tid 31261] [client 172.71.222.18:10656] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.cofias.net"] [uri "/.env_backup"] [unique_id "ac6YPi1KKvNqvv2b-VSu8gAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-02 15:44:51
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 11:44:44.412669 2026] [security2:error] [pid 24476:tid 24476] [client 172.71.222.18:10280] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.agirlwithaguitar.com"] [uri "/.env.local"] [unique_id "ac6O7A793jaV0qn56yl8XAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-02 07:44:23
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 03:44:17.763535 2026] [security2:error] [pid 25597:tid 25597] [client 172.71.222.18:12726] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.watsoncousins.net"] [uri "/server/.env"] [unique_id "ac4eUWKcCGvcVnc3tdU49AAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-02 04:15:41
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 00:15:37.116655 2026] [security2:error] [pid 10582:tid 10582] [client 172.71.222.18:13953] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ellestark.com"] [uri "/.env.production.local"] [unique_id "ac3tafVRc7J0xAiio5gRswAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-02 01:58:45
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.222.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 21:58:35.406678 2026] [security2:error] [pid 20811:tid 20811] [client 172.71.222.18:13609] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.stablechase.com"] [uri "/.env.old"] [unique_id "ac3NSzBBbYsd8L6A0yt18gAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack