πΊπΈ
TPI-Abuse
2026-06-01 09:34:57
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 05:34:49.918575 2026] [security2:error] [pid 18410:tid 18410] [client 46.202.158.167:30682] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rachel-heiko.com"] [uri "/backend/.env"] [unique_id "ah1SORTc4NOB1Nvk00D1RwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-01 07:27:32
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 03:27:28.483660 2026] [security2:error] [pid 16362:tid 16442] [client 46.202.158.167:38060] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "indigowampum.com"] [uri "/new/.env"] [unique_id "ah00YGIXDeupDESNY_zRhgAAAUQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-01 06:11:22
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 02:11:15.026880 2026] [security2:error] [pid 18037:tid 18037] [client 46.202.158.167:23394] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fortwaynepartybuses.com"] [uri "/admin/.env"] [unique_id "ah0igxdMM-XT99FQMl2WGwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-01 05:47:34
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 01:47:30.712193 2026] [security2:error] [pid 30146:tid 30146] [client 46.202.158.167:21170] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pa-ksa.com"] [uri "/new/.env"] [unique_id "ah0c8rc5SWz0z_zG4ZBJTQAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-01 05:03:09
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 01:03:02.274923 2026] [security2:error] [pid 8309:tid 8309] [client 46.202.158.167:22636] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "buddysinflatables.com"] [uri "/api/.env"] [unique_id "ah0Shu6Aq0sd7MIMnQ8o9QAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΉπ·
baku.hosting
2026-06-01 04:44:30
(1 month ago)
CSF Auto Report: (mod_security) mod_security (id:949110) triggered by 46.202.158.167 (DE/Germany/-): ...
show more
CSF Auto Report: (mod_security) mod_security (id:949110) triggered by 46.202.158.167 (DE/Germany/-): 5 in the last 3600 secs
show less
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-01 04:38:07
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 00:38:01.767013 2026] [security2:error] [pid 20605:tid 20605] [client 46.202.158.167:30364] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "footballxp.com"] [uri "/.env"] [unique_id "ah0MqeAF4jQoKr3UYlesagAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-01 03:59:41
(1 month ago)
(caddyscan) Scanner path probe from 46.202.158.167 (DE/Germany/-): 5 in the last 3600 secs; Ports: * ...
show more
(caddyscan) Scanner path probe from 46.202.158.167 (DE/Germany/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 46.202.158.167 - - [01/Jun/2026:03:59:38 +0000] "GET /member/.env HTTP/1.1"
[REDACTED] 200 2627 46.202.158.167 - - [01/Jun/2026:03:59:38 +0000] "GET /backend/.env HTTP/1.1"
[REDACTED] 200 2627 46.202.158.167 - - [01/Jun/2026:03:59:38 +0000] "GET /.env HTTP/1.1"
[REDACTED] 200 2627 46.202.158.167 - - [01/Jun/2026:03:59:38 +0000] "GET /admin/.env HTTP/1.1"
[REDACTED] 200 2627 46.202.158.167 - - [01/Jun/2026:03:59:38 +0000] "GET /dev/.env HTTP/1.1"
show less
Port Scan
Anonymous
2026-06-01 03:50:00
(1 month ago)
suspicious request in access.log
Web App Attack
π¬π§
consul.to
2026-06-01 03:48:10
(1 month ago)
Web attack/malicious scanning detected
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-01 03:44:22
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 23:44:19.194605 2026] [security2:error] [pid 18397:tid 18397] [client 46.202.158.167:49078] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "henrietteg.com"] [uri "/app/.env"] [unique_id "ah0AE_QvICycNqonstVpJwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-01 03:21:17
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 46.202.158.167 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 23:21:13.693569 2026] [security2:error] [pid 10196:tid 10196] [client 46.202.158.167:21538] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wellingtonrossi.com"] [uri "/backend/.env"] [unique_id "ahz6qVDwayuyjcL05UPknwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-06-01 02:24:31
(1 month ago)
Restricted File Access Attempt. Matched phrase ".env" at REQUEST_FILENAME. (930130-193)
Hacking
Web App Attack
π¨π¦
polycoda
2026-06-01 02:23:38
(1 month ago)
AutoBlock: π― Vulnerability Scanner (Non Decay-Based)
Hacking
Web App Attack
π©πͺ
Bedios GmbH
2026-06-01 01:43:05
(1 month ago)
Login credentials theft attempt
Hacking