Cynar & Cinny
2024-11-30 16:12:27
(2 days ago)
httpd_block_log
Bad Web Bot
Countryman
2024-11-30 08:32:35
(2 days ago)
repeated unauthorized connection attempts, host sweep, port scan
Port Scan
TPI-Abuse
2024-11-30 08:17:38
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 138.197.138.252 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 138.197.138.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 03:17:35.265877 2024] [security2:error] [pid 13220:tid 13220] [client 138.197.138.252:33992] [client 138.197.138.252] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.64"] [uri "/.env"] [unique_id "Z0rKH1hGv3H09s3_zJQDwgAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
lindi
2024-11-30 08:10:21
(2 days ago)
trying to access .env file
...
Hacking
Web App Attack
gumbysoft
2024-11-30 08:03:58
(2 days ago)
Too many HTTP Bad Requests
Bad Web Bot
fstap
2024-11-30 07:57:50
(2 days ago)
"GET /.env HTTP/1.1"
Bad Web Bot
Web App Attack
MPL
2024-11-30 07:30:58
(2 days ago)
tcp/443 (8 or more attempts)
Port Scan
Anonymous
2024-11-30 07:30:25
(2 days ago)
Unsolicited multiport scan
Port Scan
Anonymous
2024-11-30 07:26:40
(2 days ago)
Nov 30 08:26:40 rendez-vous openvpn[1727]: 138.197.138.252:40510 Connection reset, restarting [0]
VPN IP
Port Scan
Web App Attack
TPI-Abuse
2024-11-30 07:22:48
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 138.197.138.252 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 138.197.138.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 02:22:41.722559 2024] [security2:error] [pid 18194:tid 18194] [client 138.197.138.252:52098] [client 138.197.138.252] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.6"] [uri "/.env"] [unique_id "Z0q9QZU9YHQ2JcLEQ-7wRQAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
Study Bitcoin 🤗
2024-11-30 07:16:41
(2 days ago)
Port probe to tcp/443 (https)
[srv132]
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
gurnip
2024-11-30 07:12:51
(2 days ago)
Vulnerability probe of page /.env, not found on server.
Brute-Force
Web App Attack
TPI-Abuse
2024-11-30 07:04:16
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 138.197.138.252 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 138.197.138.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 02:04:09.288178 2024] [security2:error] [pid 18965:tid 18965] [client 138.197.138.252:53184] [client 138.197.138.252] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.189"] [uri "/.env"] [unique_id "Z0q46dMM3E0tOYCXqiZhfwAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
sdos.es
2024-11-30 07:04:00
(2 days ago)
"Restricted File Access Attempt - Matched Data: /.env found within REQUEST_FILENAME: /.env"
Web App Attack
mirekdusin
2024-11-30 06:59:15
(2 days ago)
ModSecurity detection - Rules: 930130(Restricted File Access Attempt), Type: Restricted File Access ... show more ModSecurity detection - Rules: 930130(Restricted File Access Attempt), Type: Restricted File Access Attempt show less
Web App Attack