πΊπΈ
mawan
2026-06-14 22:58:18
(3 weeks ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-15 11:39:29
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 07:39:20.881757 2026] [security2:error] [pid 5527:tid 5542] [client 162.158.79.149:10776] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "reattaforsale.com"] [uri "/.env.development.local"] [unique_id "agcF6B6Oj1FFatu_T5K6lAAAAs0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-15 08:01:46
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 04:01:11.426581 2026] [security2:error] [pid 3962:tid 3962] [client 162.158.79.149:10440] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mtl.microkerneltechnologies.com"] [uri "/.env.production"] [unique_id "agbSx1qlW0UHrDEUWvO4HAAAAAU"], referer: https://www.google.com/search?q=www.mtl.microkerneltechnologies.com
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-27 13:47:21
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 27 09:47:16.768263 2026] [security2:error] [pid 9693:tid 9693] [client 162.158.79.149:12869] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chooseyourowntrail.com.robertmcatee.com"] [uri "/.env.backup"] [unique_id "acaKZJ_-pXvfCVimXlujSgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-27 01:06:14
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 21:06:07.559095 2026] [security2:error] [pid 24071:tid 24071] [client 162.158.79.149:12678] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aimer.es"] [uri "/private/.env"] [unique_id "acXX_056hdvSlu2tD84ldgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-26 19:48:52
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 15:48:44.971810 2026] [security2:error] [pid 7153:tid 7153] [client 162.158.79.149:10260] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bowdens-landing.com"] [uri "/root/.env"] [unique_id "acWNnNAAOQ8UPEqHbwP1tQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-26 14:59:18
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 10:59:09.821446 2026] [security2:error] [pid 25705:tid 25728] [client 162.158.79.149:10625] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.aaenroll.com"] [uri "/app/.env"] [unique_id "acVJvTRBhfd959y3hvNpSQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-26 13:14:00
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 09:13:55.867823 2026] [security2:error] [pid 12943:tid 12943] [client 162.158.79.149:14001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.toepert.net"] [uri "/.env.backup"] [unique_id "acUxE-84g5sI-YdHM5a9QwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-26 04:22:41
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 00:22:38.142092 2026] [security2:error] [pid 19325:tid 19325] [client 162.158.79.149:12784] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.lloydprins.com"] [uri "/.env.container"] [unique_id "acS0jijJ28LFIibO2Ue_BgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
domainemporium
2026-03-19 07:21:02
(3 months ago)
(wordpress) Failed wordpress login from 162.158.79.149 (US/United States/-): (CF_ENABLE)
Brute-Force
πΊπΈ
TPI-Abuse
2024-08-24 22:10:37
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 24 18:10:28.819524 2024] [security2:error] [pid 17840:tid 17840] [client 162.158.79.149:11648] [client 162.158.79.149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.christechsupport.net"] [uri "/laravel/.env"] [unique_id "ZspaVDwyhQi7ohgfnNtKqgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-06-02 00:37:46
(2 years ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2024-05-28 01:24:36
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 27 21:23:57.523424 2024] [security2:error] [pid 12714] [client 162.158.79.149:30750] [client 162.158.79.149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "saxarose.com"] [uri "/.env"] [unique_id "ZlUyLXZUV2uo0eMeysxNzQAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2024-05-07 20:17:47
(2 years ago)
(mod_security) mod_security (id:225170) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 07 16:17:42.175732 2024] [security2:error] [pid 18622] [client 162.158.79.149:50676] [client 162.158.79.149] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.yggdrasil.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.yggdrasil.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZjqMZkNTMbhNvkc_WU93VgAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2024-04-10 11:16:42
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 10 07:16:37.201114 2024] [security2:error] [pid 15226] [client 162.158.79.149:14570] [client 162.158.79.149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.eddysgroup.com"] [uri "/.env"] [unique_id "ZhZ1FWqgAg_Q14HRk_TqKwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack