๐บ๐ธ
mawan
2026-07-11 14:01:49
(9 hours ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-06-16 22:02:41
(3 weeks ago)
Auto-ban: >3000 req/min op 2026-06-16
Web App Attack
SSH
Hacking
๐บ๐ธ
HJ5Ss4Ju
2026-06-09 14:45:19
(1 month ago)
WordPress XMLRPC scan :: 162.158.158.133 - - [09/Jun/2026:14:45:18 0000] "GET /xmlrpc.php HTTP/1.1" ...
show more
WordPress XMLRPC scan :: 162.158.158.133 - - [09/Jun/2026:14:45:18 0000] "GET /xmlrpc.php HTTP/1.1" 405 53 "https://mockbox.net/xmlrpc.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0"
show less
Hacking
Brute-Force
Web App Attack
๐บ๐ธ
mawan
2026-05-13 17:17:48
(1 month ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
Anonymous
2026-05-04 21:27:16
(2 months ago)
Probing for known exploit paths (.env, .git, wp-admin, shell files, etc.). Single-strike ban policy ...
show more
Probing for known exploit paths (.env, .git, wp-admin, shell files, etc.). Single-strike ban policy โ zero tolerance for exploit scanning. Banned May 4, 21:27 UTC. Origin: United States, New York.
show less
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
mawan
2026-04-19 00:10:15
(2 months ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 06:25:33
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.133 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 02:25:26.511043 2026] [security2:error] [pid 18356:tid 18356] [client 162.158.158.133:12505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.ajvaage.com"] [uri "/public/.env"] [unique_id "abzoVjW1z-r1CPIofPRWHAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 00:27:38
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.133 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 20:27:33.565116 2026] [security2:error] [pid 29053:tid 29143] [client 162.158.158.133:10244] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.moderncabinetcorp.com"] [uri "/config/.env.local"] [unique_id "abyUdeakVOqGx89e02LNXgAAAMk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 11:53:17
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.133 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 07:53:13.658917 2026] [security2:error] [pid 1817:tid 1847] [client 162.158.158.133:10666] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.selfhelpbook.org"] [uri "/.git/refs/heads/main"] [unique_id "abvjqZYccVtTjQgBThGnsAAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 11:37:08
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.133 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 07:37:04.165005 2026] [security2:error] [pid 32652:tid 32652] [client 162.158.158.133:10139] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.ppichardocigars.com"] [uri "/home/.env"] [unique_id "abvf4GQQ9qSsr0yHm9VqLwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 10:41:32
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.133 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 06:41:21.490853 2026] [security2:error] [pid 4934:tid 4934] [client 162.158.158.133:11886] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.comsew.com.au"] [uri "/.env_settings"] [unique_id "abvS0bHr7B2l-w_NhdfxPgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 09:05:58
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.133 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 05:05:51.720578 2026] [security2:error] [pid 22933:tid 23044] [client 162.158.158.133:12535] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.behaviorhealth.org"] [uri "/admin/.env"] [unique_id "abu8b-G-tjlgL9jEgA_3ngAAAFg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 08:31:48
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.133 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 04:31:41.545165 2026] [security2:error] [pid 3803:tid 3803] [client 162.158.158.133:11076] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dudleyanddudley.com"] [uri "/srv/.env"] [unique_id "abu0bfbx5qa3TtdwC_WuDAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 08:01:05
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.133 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 04:00:59.934869 2026] [security2:error] [pid 8730:tid 8730] [client 162.158.158.133:11626] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.csp-servicios.com"] [uri "/.env"] [unique_id "abutO3m2UU_MY4ntaImGjAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 06:10:34
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.133 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 02:10:25.841228 2026] [security2:error] [pid 15963:tid 15963] [client 162.158.158.133:10983] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.autocares-belintxon.com"] [uri "/var/www/html/.env"] [unique_id "abuTURJTeuh8AD2st0krSAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack