Anonymous
2026-07-02 10:33:24
(5 hours ago)
suricata IPS/IDS detection, ruleset ET SCAN Bing Webcrawler User-Agent (BingBot)
Port Scan
๐บ๐ธ
TPI-Abuse
2026-05-15 11:08:12
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 07:06:03.247721 2026] [security2:error] [pid 31604:tid 31604] [client 172.71.223.107:10703] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.belize-boat-registration.com.boatregistrationdelaware.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.belize-boat-registration.com.boatregistrationdelaware.com"] [uri "/config/database.php.bak"] [unique_id "agb-GxNqueJ1CJBvPGdn8gAAACo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-04 01:11:17
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 21:11:11.219936 2026] [security2:error] [pid 29002:tid 29002] [client 172.71.223.107:12406] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.dixiegeek.com"] [uri "/.env.old"] [unique_id "adBlL0OvH8RwjzmobM4t1AAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 11:25:28
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 07:25:23.279528 2026] [security2:error] [pid 9091:tid 9091] [client 172.71.223.107:14126] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.azpinklimos.com"] [uri "/.env.production.bak"] [unique_id "ac-joyGggAzLhM5gylJNrgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 07:49:52
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 03:49:45.000790 2026] [security2:error] [pid 353:tid 353] [client 172.71.223.107:12297] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.adventiststoday.com"] [uri "/.env.old"] [unique_id "ac9xGQRk3MxaIP5ib6JScQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 07:08:25
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 03 03:08:16.346285 2026] [security2:error] [pid 24598:tid 24598] [client 172.71.223.107:12864] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.title50.com"] [uri "/.env.save"] [unique_id "ac9nYLFnYhs3ifXBqcyoJAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-03 02:53:10
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 22:53:06.977342 2026] [security2:error] [pid 23693:tid 23693] [client 172.71.223.107:13990] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lambert-heating-and-air.com"] [uri "/.env.development"] [unique_id "ac8rkoBykjecsqEfb8cw9wAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 20:16:43
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 16:16:36.817235 2026] [security2:error] [pid 7420:tid 7420] [client 172.71.223.107:12088] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jamroomrecording.com.galaxyretro.com"] [uri "/.env"] [unique_id "ac7OpIEA_qAx8VB_sSzoUgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-02 07:46:16
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 03:46:12.030236 2026] [security2:error] [pid 18042:tid 18042] [client 172.71.223.107:10115] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.chinakingdom.hk"] [uri "/config/.env"] [unique_id "ac4exCtVI0gDmYErc0zSggAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 20:56:01
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 16:55:55.963994 2026] [security2:error] [pid 12509:tid 12509] [client 172.71.223.107:14275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.eb3d.net.lahamradio.com"] [uri "/.env.backup"] [unique_id "ac2GWwRf_96ZqbP16d_3DAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 16:01:41
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 12:01:35.079453 2026] [security2:error] [pid 11466:tid 11466] [client 172.71.223.107:9406] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.skyfall-estate.com"] [uri "/.envrc"] [unique_id "ac1BX_Njf1n375rDmX3p4AAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 05:01:19
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 01:01:11.827836 2026] [security2:error] [pid 2453:tid 2499] [client 172.71.223.107:9546] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chadcentral.com"] [uri "/.env.production"] [unique_id "acyml9fcFTq0OhIpSqE7-AAAAEw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 04:22:46
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 00:22:37.782138 2026] [security2:error] [pid 23193:tid 23193] [client 172.71.223.107:13585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.deannlottmusic.com"] [uri "/backend/.env"] [unique_id "acydjffi45IRMQUern5GcwAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-01 00:00:38
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 20:00:22.356668 2026] [security2:error] [pid 16794:tid 16794] [client 172.71.223.107:11779] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.swindon-itf.com"] [uri "/.env.production.local"] [unique_id "acxgFury1nxwT19u8owLCQAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-31 16:36:01
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.71.223.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 31 12:35:53.566106 2026] [security2:error] [pid 7590:tid 7590] [client 172.71.223.107:10776] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "greed.wisk.org"] [uri "/.envrc"] [unique_id "acv36aCdavKKNV7Z0lw7KgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack