MAGIC
2024-09-03 06:13:36
(4 days ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-08-21 22:00:24
(2 weeks ago)
BruteForce IMAP/POP3
Brute-Force
geot
2024-08-11 12:53:55
(3 weeks ago)
GET /.env HTTP/1.1
GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
POST ... show more GET /.env HTTP/1.1
GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1
POST / HTTP/1.1 show less
Port Scan
Hacking
Web App Attack
TPI-Abuse
2024-08-09 12:59:43
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 102.165.41.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 102.165.41.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 08:59:36.169381 2024] [security2:error] [pid 27088:tid 27088] [client 102.165.41.59:4684] [client 102.165.41.59] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.27"] [uri "/.env"] [unique_id "ZrYSuJ14hPj6CVRWJNAoQAAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
Savvii
2024-08-09 12:33:56
(4 weeks ago)
20 attempts against mh-misbehave-ban on melon
Brute-Force
Bad Web Bot
Web App Attack
Starburst SysOp Team
2024-08-09 12:29:00
(4 weeks ago)
[Fri Aug 09 12:29:15.304662 2024] [:error] [pid 3552723:tid 3552741] [client 102.165.41.59:4795] [cl ... show more [Fri Aug 09 12:29:15.304662 2024] [:error] [pid 3552723:tid 3552741] [client 102.165.41.59:4795] [client 102.165.41.59] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "-"] [uri "/.env"] [unique_id "ZrYLm6C_7qFf8juAUTX-RwAAAIQ"] show less
Hacking
Brute-Force
Web App Attack
TPI-Abuse
2024-08-09 12:11:25
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 102.165.41.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 102.165.41.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 08:11:18.952092 2024] [security2:error] [pid 22278:tid 22278] [client 102.165.41.59:4673] [client 102.165.41.59] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.183"] [uri "/.env"] [unique_id "ZrYHZqVzZz-47uMNVOJopgAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
Savvii
2024-08-09 12:00:14
(4 weeks ago)
20 attempts against mh-misbehave-ban on staging
Brute-Force
Bad Web Bot
Web App Attack
Mark Marks
2024-08-09 11:27:55
(4 weeks ago)
Unauthorized connection attempt detected port 8080
Hacking
TPI-Abuse
2024-08-09 11:05:06
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 102.165.41.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 102.165.41.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 07:04:58.944390 2024] [security2:error] [pid 8693:tid 8693] [client 102.165.41.59:4680] [client 102.165.41.59] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.57"] [uri "/.env"] [unique_id "ZrX32o0fnIjQsEFl4UKxlAAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
Interceptor_HQ
2024-08-09 09:56:58
(4 weeks ago)
request_uri: /.env -- automatic report --
Hacking
Brute-Force
TPI-Abuse
2024-08-09 09:04:26
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 102.165.41.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 102.165.41.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 05:04:18.956054 2024] [security2:error] [pid 16120:tid 16120] [client 102.165.41.59:4686] [client 102.165.41.59] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.189"] [uri "/.env"] [unique_id "ZrXbkqEXnHJpzBNTmw_cWwAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Savvii
2024-08-09 08:56:19
(4 weeks ago)
20 attempts against mh-misbehave-ban on mung
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-09 08:45:37
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 102.165.41.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 102.165.41.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 04:45:32.469372 2024] [security2:error] [pid 395545:tid 395545] [client 102.165.41.59:4731] [client 102.165.41.59] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.60"] [uri "/.env"] [unique_id "ZrXXLHLDE4JOo-j891sfPQAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-09 08:17:21
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 102.165.41.59 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 102.165.41.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 04:17:14.826229 2024] [security2:error] [pid 7477:tid 7477] [client 102.165.41.59:4791] [client 102.165.41.59] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.72"] [uri "/.env"] [unique_id "ZrXQioYrNzHVkLFqBGfb4gAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack