urmarcht
2024-11-19 08:20:35
(3 weeks ago)
Bot attack detected : webscan vurnerability
Web App Attack
rshict
2024-11-18 10:20:31
(3 weeks ago)
Hacking, Brute-Force, Web App Attack
Hacking
Brute-Force
Web App Attack
RF68
2024-11-15 06:17:32
(4 weeks ago)
138.197.145.188 [14/Nov/2024 * Spam host detected, probing for vulnerabilities]
Web Spam
Exploited Host
Web App Attack
MPL
2024-11-14 12:23:03
(4 weeks ago)
tcp/443 (4 or more attempts)
Port Scan
TPI-Abuse
2024-11-14 12:09:27
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 138.197.145.188 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 138.197.145.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 14 07:09:21.162025 2024] [security2:error] [pid 27884:tid 27884] [client 138.197.145.188:47936] [client 138.197.145.188] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.248"] [uri "/.env"] [unique_id "ZzXocbIofg5acxeFQJ8LvwAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
OK
2024-11-14 12:09:03
(4 weeks ago)
HTTP/HTTPS
Hacking
Web App Attack
taivas.nl
2024-11-14 12:00:05
(4 weeks ago)
General bad request
Bad Web Bot
TPI-Abuse
2024-11-14 11:54:04
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 138.197.145.188 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 138.197.145.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 14 06:53:58.866939 2024] [security2:error] [pid 12678:tid 12678] [client 138.197.145.188:37952] [client 138.197.145.188] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.20"] [uri "/.env"] [unique_id "ZzXk1pMDkXHjIUSEqFYcnQAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
MPL
2024-11-14 11:43:28
(4 weeks ago)
tcp/443 (8 or more attempts)
Port Scan
TPI-Abuse
2024-11-14 11:38:50
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 138.197.145.188 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 138.197.145.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 14 06:38:44.791940 2024] [security2:error] [pid 3612168:tid 3612168] [client 138.197.145.188:57594] [client 138.197.145.188] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.154"] [uri "/.env"] [unique_id "ZzXhRLgjp0MgqGDHEA5msgAAABg"] show less
Brute-Force
Bad Web Bot
Web App Attack
ANTI SCANNER
2024-11-14 11:32:05
(4 weeks ago)
Scanner : /.env
Web Spam
swrlly
2024-11-14 11:20:40
(4 weeks ago)
attempt to exploit known webserver vulnerabilities
Web App Attack
penjaga BRIN
2024-11-14 11:16:49
(4 weeks ago)
nginx-alfa-240
Web App Attack
TPI-Abuse
2024-11-14 11:15:52
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 138.197.145.188 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 138.197.145.188 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 14 06:15:46.482697 2024] [security2:error] [pid 30320:tid 30320] [client 138.197.145.188:47710] [client 138.197.145.188] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.57"] [uri "/.env"] [unique_id "ZzXb4nUA6yHQ-OZHa0HzngAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
whitehoodie
2024-11-14 10:59:14
(4 weeks ago)
AUTOMATED REPORT: Tried to access .env file
Hacking
Bad Web Bot
Web App Attack