πΊπΈ
mnsf
2026-04-08 03:05:48
(2 months ago)
Scanning/Probing (13)
Brute-Force
Web App Attack
πΊπΈ
mnsf
2026-04-04 10:05:41
(3 months ago)
Scanning/Probing (15)
Brute-Force
Web App Attack
πΊπΈ
mnsf
2026-04-03 02:05:44
(3 months ago)
Scanning/Probing (14)
Brute-Force
Web App Attack
πΊπΈ
mnsf
2026-03-31 19:06:20
(3 months ago)
Scanning/Probing (14)
Brute-Force
Web App Attack
πΊπΈ
mnsf
2026-03-27 14:05:32
(3 months ago)
Scanning/Probing (17)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-27 12:39:01
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.91 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 27 08:38:55.604816 2026] [security2:error] [pid 25313:tid 25328] [client 162.158.79.91:10156] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.rosicruciansociety.com"] [uri "/root/.env"] [unique_id "acZ6X_SDFuXbF3I1kVcQ_wAAAMk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-26 23:30:41
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.91 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 19:30:37.185558 2026] [security2:error] [pid 13474:tid 13474] [client 162.158.79.91:9390] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stage.cormanleigh.com"] [uri "/.env.production"] [unique_id "acXBnTNkE2O2Y8AP9DMudQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-26 16:22:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.91 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 12:22:16.210321 2026] [security2:error] [pid 10130:tid 10130] [client 162.158.79.91:12083] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.chasingtequila.com"] [uri "/public/.env"] [unique_id "acVdOGBLYdgODtFH1rvv9gAAACw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-26 13:29:12
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.91 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 09:28:50.185551 2026] [security2:error] [pid 20507:tid 20507] [client 162.158.79.91:14268] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.silvermoonpizza.com"] [uri "/.env.save"] [unique_id "acU0kgg1jJ4kddUAntTBeQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-26 12:46:01
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.91 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 08:45:54.206499 2026] [security2:error] [pid 31149:tid 31149] [client 162.158.79.91:9900] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.grasslakepizzatime.com"] [uri "/site/.env"] [unique_id "acUqgqVEu2p_HO3VoCllwAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-25 17:37:16
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.91 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 13:36:27.542036 2026] [security2:error] [pid 29743:tid 29743] [client 162.158.79.91:11157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.cwidisplays.com"] [uri "/.env~"] [unique_id "acQdG1fUnLbpkMJZFBF8dgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-25 15:56:26
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.91 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 11:56:18.648563 2026] [security2:error] [pid 11121:tid 11121] [client 162.158.79.91:11051] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.cameronwv.com"] [uri "/.env_backup"] [unique_id "acQFoufFnS82lssedNQA8gAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-25 15:28:13
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.91 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 11:26:36.072759 2026] [security2:error] [pid 19225:tid 19225] [client 162.158.79.91:11079] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.naturev.net"] [uri "/backend/.env"] [unique_id "acP-rPqgyzT5Jb1yoHxhpgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-25 12:14:22
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.79.91 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.79.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 08:13:56.895057 2026] [security2:error] [pid 31128:tid 31206] [client 162.158.79.91:11139] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.tomithai.com"] [uri "/.env_settings"] [unique_id "acPRhNtI-9E3Np1QDZXdUgAAAMU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mnsf
2026-03-22 01:05:54
(3 months ago)
Scanning/Probing (17)
Brute-Force
Web App Attack