Anonymous
2026-07-11 00:05:41
(5 hours ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
mawan
2026-07-08 01:07:08
(3 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ฆ๐ฑ
router.al
2026-07-08 00:35:41
(3 days ago)
07/08/2026-00:35:40.703433 141.101.98.234 Protocol: 6 ET SCAN WordPress Scanner Performing Multiple ...
show more
07/08/2026-00:35:40.703433 141.101.98.234 Protocol: 6 ET SCAN WordPress Scanner Performing Multiple Requests to Windows Live Writer XML
show less
Hacking
๐ฎ๐ณ
ashwani
2026-04-13 05:20:00
(2 months ago)
[msg "Restricted File Access Attempt"] [data "Matched Data: /.env found within REQUEST_FILENAME: /.e ...
show more
[msg "Restricted File Access Attempt"] [data "Matched Data: /.env found within REQUEST_FILENAME: /.env"]
show less
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-04-09 00:05:23
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 20:04:57.001242 2026] [security2:error] [pid 2698925:tid 2698925] [client 141.101.98.234:13230] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kdarmsta.com"] [uri "/.env.save"] [unique_id "adbtKWgNArsKwj_x7aBnNQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 22:48:43
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 18:48:36.661176 2026] [security2:error] [pid 3501236:tid 3501236] [client 141.101.98.234:11808] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.rosetina.com"] [uri "/.env.old"] [unique_id "adbbRDp8wnxsKdXKMBc63gAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 14:30:25
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 10:30:19.747013 2026] [security2:error] [pid 2381380:tid 2381380] [client 141.101.98.234:12953] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.wa211.org"] [uri "/core/.env"] [unique_id "adZme2hEo1vMJmU1E24SpQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 13:05:24
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 09:04:57.858577 2026] [security2:error] [pid 2598632:tid 2598632] [client 141.101.98.234:12205] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beepainless.garyrankin.com"] [uri "/.env~"] [unique_id "adZSeafAZDiTezsAXbtIAQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 11:49:05
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 07:48:58.998340 2026] [security2:error] [pid 815895:tid 815932] [client 141.101.98.234:12733] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.landmarkocchealth.com"] [uri "/var/www/html/.env"] [unique_id "adZAqgQf_Hea7wsu91lIHAAAAVY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 09:38:24
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 05:38:05.398712 2026] [security2:error] [pid 2613339:tid 2613339] [client 141.101.98.234:12692] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.l39capital.com"] [uri "/admin/.env"] [unique_id "adYh_RprcHW8McumsB9fHgAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 08:44:10
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 04:44:04.998784 2026] [security2:error] [pid 2089877:tid 2089877] [client 141.101.98.234:10166] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.gunningphysio.com"] [uri "/.env.staging"] [unique_id "adYVVCwwp-lZ0FCOA_ODLQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 08:01:39
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 04:01:32.265350 2026] [security2:error] [pid 2102579:tid 2102579] [client 141.101.98.234:10360] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mayiasteadman.com"] [uri "/.git/index"] [unique_id "adYLXEy-Z9aXHaVpPmlSvAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 07:31:13
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 03:31:05.993977 2026] [security2:error] [pid 2513251:tid 2513251] [client 141.101.98.234:10009] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rocksolidhomebuilders.com"] [uri "/private/.env"] [unique_id "adYEOQJxlAMJ0INpeAQvNwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 07:00:24
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 03:00:14.530302 2026] [security2:error] [pid 2786750:tid 2786750] [client 141.101.98.234:10861] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.eastbrooktech.com"] [uri "/public/.env"] [unique_id "adX8_mXaVtQaCmlSrLXaDAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-08 06:19:08
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 141.101.98.234 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 02:18:58.035471 2026] [security2:error] [pid 2059992:tid 2059992] [client 141.101.98.234:10974] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.five21.com"] [uri "/admin/.env"] [unique_id "adXzUgciBkc9bxvXeg8rLwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack