๐บ๐ธ
mawan
2026-07-04 21:12:21
(1 day ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
mawan
2026-06-30 12:43:12
(6 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
COMPLEX
2026-03-31 01:30:11
(3 months ago)
Unsolicited TCP traffic | Action: DROP | Port 8443
Brute-Force
Anonymous
2026-03-21 04:34:38
(3 months ago)
Try to connect to Port_Scan_443_stealth
Port Scan
๐บ๐ธ
TPI-Abuse
2026-03-21 04:31:25
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 21 00:31:18.212030 2026] [security2:error] [pid 6769:tid 6769] [client 162.158.63.70:10183] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.gwdailey.com"] [uri "/app/.env"] [unique_id "ab4fFtCWwFwMHxGMaXp7-gAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 09:15:13
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 05:15:03.427296 2026] [security2:error] [pid 26205:tid 26205] [client 162.158.63.70:12993] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.comitedelafamille.org"] [uri "/docker/.env.local"] [unique_id "ab0QF55ptdiE-2bBZmM8HAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 06:46:31
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 02:46:27.789618 2026] [security2:error] [pid 20978:tid 20978] [client 162.158.63.70:11321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.pinhole.us"] [uri "/docker/.env"] [unique_id "abztQ-pC0vJ9qZVI-YmyKQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-20 02:23:37
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 22:23:11.592022 2026] [security2:error] [pid 29348:tid 29348] [client 162.158.63.70:13279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.jambmaster.com"] [uri "/.env.dist"] [unique_id "abyvj4Tw3B4FYp17wurCogAAAEY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 11:45:57
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 07:45:26.778708 2026] [security2:error] [pid 7114:tid 7114] [client 162.158.63.70:9549] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maleein.com"] [uri "/.env.save"] [unique_id "abvh1s1xPb4qKjqiut3IrwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 11:23:31
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 07:23:27.950231 2026] [security2:error] [pid 22236:tid 22236] [client 162.158.63.70:13714] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.manoli.cl"] [uri "/.env.php"] [unique_id "abvcr989Ggv0wCUZ1PKmmwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 10:39:18
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 06:39:07.482015 2026] [security2:error] [pid 17416:tid 17416] [client 162.158.63.70:11676] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.drainpoultry.com"] [uri "/.env.orig"] [unique_id "abvSSyk2FCPCpU8_g3QQ5AAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 10:07:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 06:07:15.028482 2026] [security2:error] [pid 5555:tid 5555] [client 162.158.63.70:10301] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.meganmurph.com"] [uri "/public/.env"] [unique_id "abvK09U9GHzxA59j8wEy0gAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 09:45:31
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 05:45:28.119981 2026] [security2:error] [pid 2625:tid 2625] [client 162.158.63.70:11267] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.theradarshop.com"] [uri "/api/.env"] [unique_id "abvFuO_tFGuMXx5N34UCGAAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 09:20:43
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 05:20:40.376809 2026] [security2:error] [pid 21478:tid 21478] [client 162.158.63.70:9858] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.bencramer.net"] [uri "/core/.env"] [unique_id "abu_6G9Z79erjuuoIcX_9QAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-19 08:55:31
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.63.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 04:55:23.642797 2026] [security2:error] [pid 21930:tid 21953] [client 162.158.63.70:13200] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "synapcyte.pwrcoupling.com"] [uri "/.env.old"] [unique_id "abu5-6nUUq3N5XjC0bCp_QAAANU"]
show less
Brute-Force
Bad Web Bot
Web App Attack