๐บ๐ธ
mawan
2026-05-12 01:17:22
(2 months ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
mnsf
2026-03-30 01:06:51
(3 months ago)
Scanning/Probing (12)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-03-22 12:05:18
(3 months ago)
Scanning/Probing (11)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-03-21 03:07:18
(3 months ago)
Scanning/Probing (12)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-21 02:56:10
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 22:56:05.613291 2026] [security2:error] [pid 5890:tid 5890] [client 104.23.253.144:10815] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.mrgutierrezshow.com"] [uri "/.env.test"] [unique_id "ab4IxUc8ZgaKsUMHYzOp2QAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-21 00:19:49
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 20:19:43.575785 2026] [security2:error] [pid 24948:tid 24948] [client 104.23.253.144:13828] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.philipjnielsen-drafting-design.com"] [uri "/.env.dev"] [unique_id "ab3kH9q7tRKXrVW6J2EXbwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 09:32:35
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 05:32:31.414688 2026] [security2:error] [pid 11304:tid 11304] [client 104.23.253.144:13658] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.bizzybeejunkremoval.com"] [uri "/.env.dev.local"] [unique_id "ab0ULyO2vhMyiClKVPAuPQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 06:56:00
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 02:55:55.363100 2026] [security2:error] [pid 1577:tid 1577] [client 104.23.253.144:10866] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.weismanovens.com"] [uri "/.env.local.backup"] [unique_id "abzve-tYzIk3FYj4Yb-FTgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 03:11:05
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 23:11:00.882628 2026] [security2:error] [pid 17872:tid 17872] [client 104.23.253.144:13319] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kyws-lp.webserviceswest.com"] [uri "/.env.backup"] [unique_id "aby6xCQsF0-8XGR_cwp1CAAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 02:23:42
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 22:23:32.217426 2026] [security2:error] [pid 13974:tid 13974] [client 104.23.253.144:14296] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.operatif.com"] [uri "/.env.development.local"] [unique_id "abyvpBnlcGb-ImU7lgpyDgAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 01:36:49
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 21:36:44.827623 2026] [security2:error] [pid 18499:tid 18499] [client 104.23.253.144:13404] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.majersigns.com"] [uri "/.env.example"] [unique_id "abykrGt5C829KnqFI7y2TAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 01:06:22
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 21:06:14.817013 2026] [security2:error] [pid 6195:tid 6195] [client 104.23.253.144:10822] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ronmelbihess.waggonerfinancial.com"] [uri "/.env.dist"] [unique_id "abydhs2QKI6USEC-v8T23AAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 11:20:10
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 07:20:01.452473 2026] [security2:error] [pid 5753:tid 5780] [client 104.23.253.144:11598] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.wpe.uk.com"] [uri "/.env_secret"] [unique_id "abvb4V7alC5V06deuhQnKAAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 10:00:17
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 06:00:10.013728 2026] [security2:error] [pid 5161:tid 5161] [client 104.23.253.144:11850] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.va-designers.com"] [uri "/var/www/html/.env"] [unique_id "abvJKvkxEfw1I4d9cXVZ2gAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 09:33:49
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 05:33:41.355654 2026] [security2:error] [pid 28833:tid 28833] [client 104.23.253.144:13611] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kylight.net"] [uri "/admin/.env"] [unique_id "abvC9TpZfFNUZZdq8OlbxgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack