Anonymous
2026-07-17 20:06:53
(8 hours ago)
141.101.98.18 - - [17/Jul/2026:20:06:53 +0000] "GET /wp-admin/install.php?step=1 HTTP/1.1" 404 437 " ...
show more
141.101.98.18 - - [17/Jul/2026:20:06:53 +0000] "GET /wp-admin/install.php?step=1 HTTP/1.1" 404 437 "-" "http://ashleybutcher.eu/wp-admin/install.php?step=1"
...
show less
Bad Web Bot
Web App Attack
π¬π§
andypiper
2026-04-27 00:32:39
(2 months ago)
CrowdSec ban for crowdsecurity/netgear-router-bruteforce
Brute-Force
Web App Attack
πΊπ¦
URAN Publishing Service
2026-04-20 12:00:11
(2 months ago)
141.101.98.18 - - [20/Apr/2026:15:00:09 +0300] "GET /cgi-bin/file.php HTTP/1.1" 404 245 "-" "Mozilla ...
show more
141.101.98.18 - - [20/Apr/2026:15:00:09 +0300] "GET /cgi-bin/file.php HTTP/1.1" 404 245 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.149 Safari/537.36"
141.101.98.18 - - [20/Apr/2026:15:00:10 +0300] "GET /cgi-bin/index.php HTTP/1.1" 404 245 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3"
...
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-09 02:02:32
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 22:02:15.272588 2026] [security2:error] [pid 2915668:tid 2915668] [client 141.101.98.18:12969] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "t5-online.powerastronomy.com"] [uri "/.env.backup"] [unique_id "adcIp4MtvcTM9X_5J9HLLAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-08 21:33:44
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 17:33:39.652665 2026] [security2:error] [pid 2761678:tid 2761678] [client 141.101.98.18:13376] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.marketingtailoredtoyou.com"] [uri "/api/.env"] [unique_id "adbJs5YlxzxFQB2FcAn17QAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-08 21:09:47
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 17:09:36.994071 2026] [security2:error] [pid 134046:tid 134046] [client 141.101.98.18:9848] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lendren.com"] [uri "/.env.old"] [unique_id "adbEELUmDMNU1PxZ4m9eLwAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-08 18:53:37
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 14:53:17.736879 2026] [security2:error] [pid 2920457:tid 2920457] [client 141.101.98.18:11279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.gilbertortegajewelry.com"] [uri "/.env.backup"] [unique_id "adakHTzB6GRVcTOHMcxhDwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-08 15:23:39
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 11:23:24.025465 2026] [security2:error] [pid 2086430:tid 2086430] [client 141.101.98.18:13528] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.stellwagenmusic.com.jimgrenier.com"] [uri "/.env_backup"] [unique_id "adZy7NtB6ecIptOZ61HQTAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-08 14:47:53
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 10:47:45.671024 2026] [security2:error] [pid 815895:tid 815921] [client 141.101.98.18:12430] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.toastandfigs.com"] [uri "/.env~"] [unique_id "adZqkQQf_Hea7wsu91l4PAAAAUs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-08 14:07:25
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 10:07:17.060048 2026] [security2:error] [pid 3399260:tid 3399260] [client 141.101.98.18:13917] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.billymitchell.com"] [uri "/.env"] [unique_id "adZhFZITXi735VwLd_enkwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-08 13:19:20
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 09:19:15.659715 2026] [security2:error] [pid 2220684:tid 2220684] [client 141.101.98.18:13119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.zztp.ws"] [uri "/.env.tmp"] [unique_id "adZV0w9XH7rrR5C2iJLBpAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-08 12:47:11
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 08:46:55.135960 2026] [security2:error] [pid 397589:tid 397589] [client 141.101.98.18:13867] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.jrpiano.com"] [uri "/core/.env"] [unique_id "adZOPz6Ukctj0m-p_xIQcwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-08 10:24:51
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 06:24:47.414468 2026] [security2:error] [pid 2579847:tid 2579847] [client 141.101.98.18:14163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.donalep.com"] [uri "/core/.env"] [unique_id "adYs7zOL0zEHWQMd8kIzbgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-08 09:19:07
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 05:19:00.694331 2026] [security2:error] [pid 1966961:tid 1967069] [client 141.101.98.18:13266] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "atdotorg.org"] [uri "/.env"] [unique_id "adYdhA8JMLE4IUZqUCI99QAAAJI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-04-08 07:30:43
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 03:30:09.695820 2026] [security2:error] [pid 1912593:tid 1912593] [client 141.101.98.18:11939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.halblog.com"] [uri "/.env.backup"] [unique_id "adYEAetsbtX3FqFsFSB5AQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack