openstrike.co.uk
2024-03-22 06:12:21
(5 months ago)
12 attacks on Alfa URLs:
GET /wp-content/ALFA_DATA/alfacgiapi/perl.alfa.php HTTP/1.1
Hacking
TPI-Abuse
2024-03-21 20:36:30
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 136.144.35.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 136.144.35.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 21 16:36:25.193524 2024] [security2:error] [pid 1174] [client 136.144.35.247:20529] [client 136.144.35.247] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "4give-n-hearts.org"] [uri "/wp-includes/css/wp-config.php"] [unique_id "ZfyaSVkc_faQncJwtM921gAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-03-20 18:32:47
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 136.144.35.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 136.144.35.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 20 14:32:39.668198 2024] [security2:error] [pid 27054] [client 136.144.35.247:59887] [client 136.144.35.247] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "advancedimplantacademy.com"] [uri "/wp-includes/css/wp-config.php"] [unique_id "Zfsrx_TByIjV-sgMoF41LAAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
Cego
2024-03-19 21:50:00
(5 months ago)
Too many Status 40X
Brute-Force
Web App Attack
10dencehispahard SL
2024-03-19 04:00:23
(6 months ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
MAGIC
2024-01-05 09:01:57
(8 months ago)
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2023-12-17 14:53:02
(9 months ago)
(mod_security) mod_security (id:210492) triggered by 136.144.35.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 136.144.35.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 17 09:52:58.684581 2023] [security2:error] [pid 21312] [client 136.144.35.247:25611] [client 136.144.35.247] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kemela.com"] [uri "/.env"] [unique_id "ZX8LSjUTmJfK8lgJQGEvSwAAAB0"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2023-12-17 13:55:14
(9 months ago)
(mod_security) mod_security (id:210492) triggered by 136.144.35.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 136.144.35.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 17 08:55:03.301630 2023] [security2:error] [pid 4449] [client 136.144.35.247:29931] [client 136.144.35.247] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "millgirlmusings.com"] [uri "/crm/.env"] [unique_id "ZX79t1mZv53YopZCHcOGDQAAABM"] show less
Brute-Force
Bad Web Bot
Web App Attack
Ba-Yu
2023-12-17 13:02:47
(9 months ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
TPI-Abuse
2023-12-17 10:06:44
(9 months ago)
(mod_security) mod_security (id:210492) triggered by 136.144.35.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 136.144.35.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 17 05:06:38.312654 2023] [security2:error] [pid 32210] [client 136.144.35.247:27935] [client 136.144.35.247] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aquascapes.net"] [uri "/backend/.env"] [unique_id "ZX7ILnWBgqspW7McdamFqwAAABc"] show less
Brute-Force
Bad Web Bot
Web App Attack
CrystalMaker
2023-12-17 09:13:57
(9 months ago)
Vulnerability scan - GET /web/.env
Hacking
Anonymous
2023-12-17 09:05:11
(9 months ago)
WordPress admin/config access attempt:
136.144.35.247 - - [17/Dec/2023:08:59:32 +0000] "GET / ... show more WordPress admin/config access attempt:
136.144.35.247 - - [17/Dec/2023:08:59:32 +0000] "GET /wp-config.php HTTP/1.1" 404 251 "-" "python-requests/2.31.0" show less
Hacking
Web App Attack
TPI-Abuse
2023-11-25 14:58:48
(9 months ago)
(mod_security) mod_security (id:210492) triggered by 136.144.35.247 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 136.144.35.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 25 09:58:44.323814 2023] [security2:error] [pid 3846849:tid 47648790845184] [client 136.144.35.247:26917] [client 136.144.35.247] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "culturageek-lab.com"] [uri "/.env"] [unique_id "ZWILpEYoFCo-M4XrPLfh-QAAARc"] show less
Brute-Force
Bad Web Bot
Web App Attack
balsakup.fr
2023-11-25 14:33:29
(9 months ago)
[portscan] Port scan
Port Scan
MAGIC
2023-09-10 11:20:19
(1 year ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot