๐ฎ๐น
IRT@Unisi
2026-07-04 10:25:26
(2 days ago)
anomaly:tcp_dst_session,1001>threshold1000,repeats371timessincelastlog
DDoS Attack
๐บ๐ธ
mnsf
2026-04-04 14:06:02
(3 months ago)
Scanning/Probing (13)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-21 04:54:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 21 00:54:29.570516 2026] [security2:error] [pid 17690:tid 17690] [client 162.158.159.157:14314] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lizlemos.org.rejuvenationsystems.com"] [uri "/.env1"] [unique_id "ab4khSNIGT0SibEtNCNCsgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 09:04:05
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 05:03:58.021252 2026] [security2:error] [pid 20366:tid 20366] [client 162.158.159.157:9646] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.test.oowoah.com"] [uri "/public/.env"] [unique_id "ab0Nfq7tyW1fGiyHZZtFugAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 02:19:41
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 22:19:32.505169 2026] [security2:error] [pid 22152:tid 22152] [client 162.158.159.157:12084] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "astariafilms.com"] [uri "/.env.json"] [unique_id "abyutLBogsJfIYkGDFWP8gAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 11:34:32
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 07:34:27.176933 2026] [security2:error] [pid 30301:tid 30301] [client 162.158.159.157:9632] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.ppichardocigars.com"] [uri "/backend/.env"] [unique_id "abvfQ52kDit26bjJlJ9X7wAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 10:28:29
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 06:28:22.462692 2026] [security2:error] [pid 2760:tid 2760] [client 162.158.159.157:12379] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.sb-adventures.com"] [uri "/.env.production.local"] [unique_id "abvPxi2828XntuhxnOJubQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 10:03:10
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 06:03:04.576347 2026] [security2:error] [pid 5087:tid 5087] [client 162.158.159.157:9896] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.williambarfoot.com"] [uri "/.env.production.local"] [unique_id "abvJ2Awtq74SX3AQ9DvIDgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 09:10:31
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 05:10:23.722831 2026] [security2:error] [pid 28026:tid 28026] [client 162.158.159.157:11620] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.clearlightcarwash.com"] [uri "/var/www/html/.env"] [unique_id "abu9fylOMnVmOoufheUNzAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 08:36:08
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 04:36:04.574655 2026] [security2:error] [pid 6757:tid 6757] [client 162.158.159.157:11366] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.giftsprinted.com"] [uri "/.env_settings"] [unique_id "abu1dBlIUTcyZ8I8AcwItAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 08:13:12
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 04:13:08.568069 2026] [security2:error] [pid 8796:tid 8875] [client 162.158.159.157:10768] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.retrieversocal.com"] [uri "/config/.env"] [unique_id "abuwFLy4sDyDw0ttnuR5YgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 07:34:21
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 03:33:41.614636 2026] [security2:error] [pid 2632:tid 2632] [client 162.158.159.157:13390] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "_dc-mx.ddb74accf5d9.www.dentalcareop.com"] [uri "/.env.development"] [unique_id "abum1e_vnJAhmur5pdtr2gAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 06:44:05
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 02:43:53.483645 2026] [security2:error] [pid 2434:tid 2434] [client 162.158.159.157:12684] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.salvoni.org"] [uri "/var/www/html/.env"] [unique_id "abubKRPJ3IN-AxfdLzaNIwAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 05:32:23
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 01:32:15.233736 2026] [security2:error] [pid 5208:tid 5208] [client 162.158.159.157:11437] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.wamgirlz.grayhost.net"] [uri "/.env.container"] [unique_id "abuKXyTy5EHXYjOcOWiebAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 05:01:48
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.157 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 01:01:41.826102 2026] [security2:error] [pid 9885:tid 9885] [client 162.158.159.157:9483] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.caremedicalbillinginc.com"] [uri "/public/.env"] [unique_id "abuDNbmKXSEUYqdfwrYVXAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack