๐บ๐ธ
TPI-Abuse
2026-07-15 20:49:28
(5 hours ago)
(mod_security) mod_security (id:210730) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210730) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 16:49:22.497813 2026] [security2:error] [pid 10598:tid 10598] [client 162.158.159.185:12453] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.zaril.com|F|2"] [data "[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.zaril.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "alfyUvMeQvmDf8KmgWVzPQAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
4server
2026-06-17 15:42:30
(4 weeks ago)
[WedJun1717:42:24.8539862026][security2:error][pid2757571:tid2757728][client162.158.159.185:0]ModSec ...
show more
[WedJun1717:42:24.8539862026][security2:error][pid2757571:tid2757728][client162.158.159.185:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"morandi-trasporti.ch\"][uri\"/xmlrpc.php\"][unique_id\"ajLAYA15ft7kdm56qlNHXgAAABI\"]\,referer:https://www.google.com/search\?q=morandi-trasporti.ch
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-04-04 18:05:43
(3 months ago)
Scanning/Probing (13)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-21 00:03:22
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 20:03:14.347141 2026] [security2:error] [pid 10237:tid 10237] [client 162.158.159.185:12295] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bright-enterprise.com"] [uri "/.env1"] [unique_id "ab3gQpTizTjPdUeucFtgtQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 04:15:27
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 00:15:20.483570 2026] [security2:error] [pid 27235:tid 27235] [client 162.158.159.185:10418] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.bebloor.ca"] [uri "/.env2"] [unique_id "abzJ2E9GtkGhi6VUON9QdgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 02:39:05
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 22:38:57.122713 2026] [security2:error] [pid 22005:tid 22005] [client 162.158.159.185:9595] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "reneehill.mydobdate.net"] [uri "/.env_settings"] [unique_id "abyzQQ1cxfmRV_YeoHXNXwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 11:47:26
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 07:47:20.922816 2026] [security2:error] [pid 21866:tid 21866] [client 162.158.159.185:14001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.plazahacienda.com"] [uri "/home/.env"] [unique_id "abviSJOxbYnM4h5runkawAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 11:29:53
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 07:29:45.898907 2026] [security2:error] [pid 1315:tid 1315] [client 162.158.159.185:9355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.randomgroovemusic.com"] [uri "/.git/logs/HEAD"] [unique_id "abveKSXSDKKsWN6Yn6_hJwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 10:46:53
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 06:46:48.123913 2026] [security2:error] [pid 32349:tid 32349] [client 162.158.159.185:9718] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.canadianprimarysources.org"] [uri "/.env.save"] [unique_id "abvUGBOgSK70LsMHSe1hcwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 10:25:45
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 06:25:40.628730 2026] [security2:error] [pid 32114:tid 32114] [client 162.158.159.185:9670] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.lunginjurylaw.com"] [uri "/.env.dev.local"] [unique_id "abvPJD_sfoy4uaRTTE27NQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 09:14:05
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 05:13:54.633483 2026] [security2:error] [pid 28227:tid 28227] [client 162.158.159.185:10469] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.hardcountryrock.com"] [uri "/var/www/.env"] [unique_id "abu-UgxHuvRfAdss8Aji1AAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 08:27:59
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 04:27:49.062240 2026] [security2:error] [pid 22934:tid 22976] [client 162.158.159.185:9858] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.southtampaprints.com"] [uri "/.env.dist"] [unique_id "abuzhQ6cNeg2KCY-RdIOhAAAAIs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 06:56:41
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 02:56:32.427664 2026] [security2:error] [pid 17649:tid 17649] [client 162.158.159.185:12468] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.notarialota.tecnoconce.com"] [uri "/config/.env.local"] [unique_id "abueIGpPcT2eOHCpkRoH5AAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 05:18:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 01:18:29.071305 2026] [security2:error] [pid 24417:tid 24417] [client 162.158.159.185:9306] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.strippolefitness.com"] [uri "/home/.env"] [unique_id "abuHJWxlb1LaROQdrwlVgwAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 03:52:21
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.159.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 18 23:52:15.023406 2026] [security2:error] [pid 20627:tid 20627] [client 162.158.159.185:10907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "timquanconsulting.homehealth101.com"] [uri "/config/.env"] [unique_id "abty7wzbbUElu9NBERLdygAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack