๐ฌ๐ง
SilverZippo
2024-01-29 01:42:35
(2 years ago)
Web App Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-01-27 15:55:10
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 142.132.192.182 (static.182.192.132.142.clients ...
show more
(mod_security) mod_security (id:210492) triggered by 142.132.192.182 (static.182.192.132.142.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 27 10:55:03.886769 2024] [security2:error] [pid 3502] [client 142.132.192.182:37978] [client 142.132.192.182] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "petland.app"] [uri "/.env"] [unique_id "ZbUnVzKlWDdKdIVTznlOcQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-01-27 14:46:48
(2 years ago)
142.132.192.182 - - [27/Jan/2024:15:46:48 +0100] "GET /.env HTTP/1.1" 403 6384 "-" "python-requests/ ...
show more
142.132.192.182 - - [27/Jan/2024:15:46:48 +0100] "GET /.env HTTP/1.1" 403 6384 "-" "python-requests/2.25.1"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-01-27 13:24:42
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 142.132.192.182 (static.182.192.132.142.clients ...
show more
(mod_security) mod_security (id:210492) triggered by 142.132.192.182 (static.182.192.132.142.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 27 08:24:37.412115 2024] [security2:error] [pid 30658] [client 142.132.192.182:48410] [client 142.132.192.182] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oxford-gliding-club.co.uk"] [uri "/public/.env"] [unique_id "ZbUEFcowSYU5YaymsXvJcwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
mangomad
2024-01-27 12:23:16
(2 years ago)
Repeated Apache mod_security rule triggers
Brute-Force
Web App Attack
๐ฌ๐ง
rakkor
2024-01-27 12:15:01
(2 years ago)
2024/01/27 12:15:00 [error] 16462#16462: *2200071 open() "/var/services/web/.env" failed (2: No such ...
show more
2024/01/27 12:15:00 [error] 16462#16462: *2200071 open() "/var/services/web/.env" failed (2: No such file or directory), client: 142.132.192.182, server: , request: "GET /.env HTTP/1.1", host: "cruising.rakkor.uk"
...
show less
Hacking
Brute-Force
Web App Attack
๐ซ๐ท
uhlhosting
2024-01-27 11:27:57
(2 years ago)
tkr-bausysteme.ch 142.132.192.182 - - [27/Jan/2024:12:27:56.059979 +0100] "GET /.env HTTP/1.1" 403 1 ...
show more
tkr-bausysteme.ch 142.132.192.182 - - [27/Jan/2024:12:27:56.059979 +0100] "GET /.env HTTP/1.1" 403 199 "-" "-" ZbTovAi9evA0r2TCMIYR2gAAAAE "-" /apache/20240127/20240127-1227/20240127-122756-ZbTovAi9evA0r2TCMIYR2gAAAAE 0 1122 md5:616143bd1310e2cb8b4628cec1360e6e
tkr-bausysteme.ch 142.132.192.182 - - [27/Jan/2024:12:27:56.171027 +0100] "GET /public/.env HTTP/1.1" 403 199 "-" "-" ZbTovO47GuLfyBP-5WPzigAAAQg "-" /apache/20240127/20240127-1227/20240127-122756-ZbTovO47GuLfyBP-5WPzigAAAQg 0 1760 md5:159800d5f16a6010e0c3ec931227251b
tkr-bausysteme.ch 142.132.192.182 - - [27/Jan/2024:12:27:56.345226 +0100] "GET /staging/.env HTTP/1.1" 403 199 "-" "-" ZbTovO47GuLfyBP-5WPziwAAAQI "-" /apache/20240127/20240127-1227/20240127-122756-ZbTovO47GuLfyBP-5WPziwAAAQI 0 1762 md5:1cf142d2cbf5727e9241234ee6c7862b
tkr-bausysteme.ch 142.132.192.182 - - [27/Jan/2024:12:27:56.453641 +0100] "GET /admin/.env HTTP/1.1" 403 199 "-" "-" ZbTovO47GuLfyBP-5WPzjAAAARM "-" /apache/20240127/20240127-1227/20240127-122756-
...
show less
DDoS Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2024-01-27 08:38:44
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 142.132.192.182 (static.182.192.132.142.clients ...
show more
(mod_security) mod_security (id:210492) triggered by 142.132.192.182 (static.182.192.132.142.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 27 03:38:39.468914 2024] [security2:error] [pid 10576] [client 142.132.192.182:52308] [client 142.132.192.182] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pastorsform.cmabiblequizzing.org"] [uri "/.env"] [unique_id "ZbTBD8X-AeexA4iu9IokOAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-01-27 08:12:23
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 142.132.192.182 (static.182.192.132.142.clients ...
show more
(mod_security) mod_security (id:210492) triggered by 142.132.192.182 (static.182.192.132.142.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 27 03:12:17.520338 2024] [security2:error] [pid 1377] [client 142.132.192.182:38012] [client 142.132.192.182] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "icesoft.ahijado.org"] [uri "/.env"] [unique_id "ZbS64UYIXjoMf-Rqyt9hkQAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Apache
2024-01-26 18:13:22
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 142.132.192.182 (DE/Germany/static.182.192.132. ...
show more
(mod_security) mod_security (id:210492) triggered by 142.132.192.182 (DE/Germany/static.182.192.132.142.clients.your-server.de): 5 in the last 300 secs
show less
Brute-Force
Web App Attack
Anonymous
2024-01-26 18:05:06
(2 years ago)
Failed login attempt detected by Fail2Ban in plesk-modsecurity jail
Exploited Host
๐บ๐ธ
TPI-Abuse
2024-01-26 15:22:30
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 142.132.192.182 (static.182.192.132.142.clients ...
show more
(mod_security) mod_security (id:210492) triggered by 142.132.192.182 (static.182.192.132.142.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 26 10:22:23.023084 2024] [security2:error] [pid 21530] [client 142.132.192.182:40740] [client 142.132.192.182] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tpdtuberental.com"] [uri "/.env"] [unique_id "ZbPOL3QqCxhrZDFfeHjgWAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-01-26 13:19:39
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 142.132.192.182 (static.182.192.132.142.clients ...
show more
(mod_security) mod_security (id:210492) triggered by 142.132.192.182 (static.182.192.132.142.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 26 08:19:31.339580 2024] [security2:error] [pid 25835] [client 142.132.192.182:33816] [client 142.132.192.182] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "t1apparel.liddlesports.com"] [uri "/.env"] [unique_id "ZbOxY28SEpag-Q04Pcth7QAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-01-26 08:29:13
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 142.132.192.182 (static.182.192.132.142.clients ...
show more
(mod_security) mod_security (id:210492) triggered by 142.132.192.182 (static.182.192.132.142.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 26 03:29:05.489794 2024] [security2:error] [pid 31594] [client 142.132.192.182:53416] [client 142.132.192.182] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rntoday.com"] [uri "/.env"] [unique_id "ZbNtUSsXRwNTqMrgE75aZgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-01-26 07:31:03
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 142.132.192.182 (static.182.192.132.142.clients ...
show more
(mod_security) mod_security (id:210492) triggered by 142.132.192.182 (static.182.192.132.142.clients.your-server.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 26 02:30:58.171713 2024] [security2:error] [pid 25546] [client 142.132.192.182:35580] [client 142.132.192.182] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ramoundos.com"] [uri "/.env"] [unique_id "ZbNfsjBBRDLKFw5O8lzm9wAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack