๐บ๐ธ
TPI-Abuse
2026-06-25 01:39:45
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 21:39:35.622864 2026] [security2:error] [pid 29956:tid 29956] [client 162.158.158.41:24018] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "daveroozendaal.com"] [uri "/.env"] [unique_id "ajyG1zFRpf-vi8mjDQAfDwAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-04-21 22:00:34
(2 months ago)
Auto-ban: >3000 req/min op 2026-04-21
Web App Attack
SSH
Hacking
๐บ๐ธ
octageeks.com
2026-04-08 04:09:19
(2 months ago)
Wordpress malicious attack:[octablocked]
Web App Attack
๐ฌ๐ง
maiconburn
2026-04-07 08:58:28
(2 months ago)
InnerWarden auto-block: WHAT: The neural anomaly detection flagged highly unusual HTTP traffic from ...
show more
InnerWarden auto-block: WHAT: The neural anomaly detection flagged highly unusual HTTP traffic from IP 162.158.158.41, which is not previously reported or blocked. WHY: The neural model identified this as a 100% anomaly, indicating behavior unlike normal traffic patterns. RISK IF IGNORED: Potential ongoing attack or infiltration attempt that could compromise server integrity or data. RISK IF WE ACT: Blocking this IP might cause false positives if traffic is legitimate, but given the critical severity and neural detection confidence, the risk is low. DECISION: Given the high confidence and unambiguous anomaly, I will block the IP using UFW to prevent further malicious activity. (confidence 95%)
show less
Hacking
๐บ๐ธ
mnsf
2026-04-06 02:05:56
(2 months ago)
Scanning/Probing (13)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-04-04 17:06:02
(2 months ago)
Scanning/Probing (12)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-21 04:13:51
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 21 00:13:44.286574 2026] [security2:error] [pid 17287:tid 17287] [client 162.158.158.41:14006] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.anythingsoldworldwide.com"] [uri "/docker/.env.local"] [unique_id "ab4a-McKWYR2NhgeZWd08wAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 04:55:12
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 00:54:58.000781 2026] [security2:error] [pid 15275:tid 15275] [client 162.158.158.41:9875] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.thegreenhome.xyz.artbytracyjane.com"] [uri "/.env.backup"] [unique_id "abzTISqmGT5CU9J9ebCgjwAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 04:37:09
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 00:37:05.605842 2026] [security2:error] [pid 24764:tid 24764] [client 162.158.158.41:11121] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.thongtracker.com"] [uri "/www/.env"] [unique_id "abzO8fCIyzTn3Y-0aixMUwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 03:38:24
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 23:38:17.453211 2026] [security2:error] [pid 32230:tid 32230] [client 162.158.158.41:13457] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.district7vote.com"] [uri "/.env~"] [unique_id "abzBKU3UektHD3XerugxiQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 11:50:41
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 07:50:37.291626 2026] [security2:error] [pid 21362:tid 21362] [client 162.158.158.41:9965] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.zztp.ws"] [uri "/public/.env"] [unique_id "abvjDdx7RbZgbacXUDqBMQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 11:00:41
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 07:00:34.088150 2026] [security2:error] [pid 13704:tid 13704] [client 162.158.158.41:10257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.w360.mx"] [uri "/.env.development"] [unique_id "abvXUpgTjUvMxVF5SK_o3AAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 10:29:25
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 06:29:18.128061 2026] [security2:error] [pid 14785:tid 14785] [client 162.158.158.41:11615] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.lunginjurylaw.com"] [uri "/admin/.env"] [unique_id "abvP_tcoYhT5qyef-f0W4QAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 09:52:59
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 05:52:56.328154 2026] [security2:error] [pid 25643:tid 25643] [client 162.158.158.41:13972] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "campbellsclan.com"] [uri "/.env_backup"] [unique_id "abvHeA4LkgLzE6d2ZTA5DwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 09:14:22
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.158.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 05:14:14.472386 2026] [security2:error] [pid 31774:tid 31774] [client 162.158.158.41:11142] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.hardcountryrock.com"] [uri "/home/.env"] [unique_id "abu-Zs8WkytkFtniig5VOwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack