πΊπΈ
mawan
2026-07-06 12:24:22
(9 hours ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
π³π±
homeshowdomain.nl
2026-05-14 22:06:07
(1 month ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-13.
show less
Web App Attack
SSH
Hacking
πΊπΈ
TPI-Abuse
2026-05-09 17:42:05
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 162.158.78.236 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.78.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 13:42:00.805435 2026] [security2:error] [pid 2507:tid 2507] [client 162.158.78.236:11732] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hollistercomputer.com"] [uri "/.git/config"] [unique_id "af9x6FMVeWdfPZMRyBvP4wAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-09 14:04:58
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 162.158.78.236 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.78.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 10:04:55.255408 2026] [security2:error] [pid 1760:tid 1776] [client 162.158.78.236:10061] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "registeredprojectmanager.com"] [uri "/.git/config"] [unique_id "af8_BzHQaG69BugtqLh2_wAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
chrisj
2026-04-18 05:35:27
(2 months ago)
[Sat Apr 18 05:35:26.137099 2026] [proxy_fcgi:error] [pid 304102:tid 304102] [client 162.158.78.236: ...
show more
[Sat Apr 18 05:35:26.137099 2026] [proxy_fcgi:error] [pid 304102:tid 304102] [client 162.158.78.236:11467] AH01071: Got error 'Primary script unknown'
[Sat Apr 18 05:35:26.400350 2026] [proxy_fcgi:error] [pid 304102:tid 304102] [client 162.158.78.236:11467] AH01071: Got error 'Primary script unknown'
[Sat Apr 18 05:35:26.639646 2026] [proxy_fcgi:error] [pid 304102:tid 304102] [client 162.158.78.236:11467] AH01071: Got error 'Primary script unknown'
...
show less
Brute-Force
π·πΊ
ago.su
2026-04-15 03:43:18
(2 months ago)
F2B blocked nginx bad bot [otd]
Hacking
Web App Attack
πΊπΈ
mnsf
2026-04-07 07:05:43
(2 months ago)
Scanning/Probing (11)
Brute-Force
Web App Attack
πΊπΈ
mnsf
2026-04-04 10:05:41
(3 months ago)
Scanning/Probing (16)
Brute-Force
Web App Attack
πΊπΈ
mnsf
2026-03-30 17:06:52
(3 months ago)
Scanning/Probing (11)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-27 09:15:45
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.78.236 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.78.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 27 05:15:07.404681 2026] [security2:error] [pid 8425:tid 8425] [client 162.158.78.236:11146] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "allautousa.com"] [uri "/root/.env"] [unique_id "acZKm4jm_dyJh5UilOshUAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-27 08:12:59
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.78.236 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.78.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 27 04:12:49.908175 2026] [security2:error] [pid 15629:tid 15629] [client 162.158.78.236:12267] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.4photogifts.com"] [uri "/var/www/html/.env"] [unique_id "acY8AdLgoMALkcAviT6tiAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-26 23:27:56
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.78.236 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.78.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 19:27:48.739933 2026] [security2:error] [pid 11830:tid 11830] [client 162.158.78.236:10373] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stage.cormanleigh.com"] [uri "/.env.production.local"] [unique_id "acXA9I3zkrJC4iHgp8SlSQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-26 18:31:19
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.78.236 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.78.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 14:31:14.152279 2026] [security2:error] [pid 23356:tid 23356] [client 162.158.78.236:14297] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bluespringssports.com.johnandramonadunn.com"] [uri "/app/.env"] [unique_id "acV7cpuXMx43mOgZJL7pPgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-26 07:19:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.78.236 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.78.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 03:19:21.236332 2026] [security2:error] [pid 3346:tid 3410] [client 162.158.78.236:10702] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.baronlongford.com"] [uri "/.env.tmp"] [unique_id "acTd-Yb3XSmT9wcd7sE91gAAAIM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-26 04:24:31
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.78.236 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.78.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 00:24:15.995650 2026] [security2:error] [pid 17185:tid 17185] [client 162.158.78.236:13600] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.lloydprins.com"] [uri "/.env.production"] [unique_id "acS073-pv9BU-tGQxxxGCgAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack