sdos.es
2024-10-14 07:42:23
(1 month ago)
"Restricted File Access Attempt - Matched Data: /.env found within REQUEST_FILENAME: /.env"
Web App Attack
FEWA
2024-10-14 07:22:38
(1 month ago)
Fail2Ban Ban Triggered
Hacking
Bad Web Bot
Web App Attack
MogBox
2024-10-14 07:20:36
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 143.110.184.180 (IN/India/-): 1 in the last 360 ... show more (mod_security) mod_security (id:210492) triggered by 143.110.184.180 (IN/India/-): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Mon Oct 14 03:20:33.866665 2024] [security2:error] [pid 3695919:tid 3695967] [client 143.110.184.180:57244] [client 143.110.184.180] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "67.225.186.60"] [uri "/.env"] [unique_id "ZwzGQbTTe2aFRWbS2L4pyQAAAFQ"] show less
Hacking
Security_Whaller
2024-10-14 07:20:00
(1 month ago)
Malicious activity detected on Honeypot.
Hacking
Brute-Force
Web App Attack
TPI-Abuse
2024-10-14 06:55:12
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 143.110.184.180 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 143.110.184.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 02:55:07.786619 2024] [security2:error] [pid 16609:tid 16609] [client 143.110.184.180:50668] [client 143.110.184.180] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.195"] [uri "/.env"] [unique_id "ZwzASydbj3WMHxIV9FeapAAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
diego
2024-10-14 06:43:34
(1 month ago)
Events: TCP SYN Discovery or Flooding, Seen 15 times in the last 10800 seconds
DDoS Attack
TPI-Abuse
2024-10-14 06:36:25
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 143.110.184.180 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 143.110.184.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 02:36:20.794732 2024] [security2:error] [pid 26450:tid 26450] [client 143.110.184.180:35226] [client 143.110.184.180] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.119"] [uri "/.env"] [unique_id "Zwy75HWmMyRTw04V2iblLgAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
sid3windr
2024-10-14 06:25:45
(1 month ago)
GET /.env (Tarpitted for , wasted 0B)
Web App Attack
TPI-Abuse
2024-10-14 06:08:59
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 143.110.184.180 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 143.110.184.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 02:08:52.106126 2024] [security2:error] [pid 23388:tid 23388] [client 143.110.184.180:35248] [client 143.110.184.180] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.247"] [uri "/.env"] [unique_id "Zwy1dLyPovb2-wtGlz5N6wAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
webbfabriken
2024-10-14 06:06:45
(1 month ago)
spam or other hacking activities reported by webbfabriken security servers
Attack reported by ... show more spam or other hacking activities reported by webbfabriken security servers
Attack reported by Webbfabriken Security API - WFSecAPI show less
Web Spam
TPI-Abuse
2024-10-14 05:49:00
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 143.110.184.180 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 143.110.184.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 01:48:57.024131 2024] [security2:error] [pid 23240:tid 23240] [client 143.110.184.180:50470] [client 143.110.184.180] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.236"] [uri "/.env"] [unique_id "ZwywyTp8Sm7mW9Br4UVyDwAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
diego
2024-10-14 05:17:44
(1 month ago)
Events: TCP SYN Discovery or Flooding, Seen 9 times in the last 10800 seconds
DDoS Attack
HoneyPotEu
2024-10-14 05:15:09
(1 month ago)
143.110.184.180 [redacted] (14061-DIGITALOCEAN-ASN India Bengaluru) - - [14/Oct/2024:07:14:58 +0200] ... show more 143.110.184.180 [redacted] (14061-DIGITALOCEAN-ASN India Bengaluru) - - [14/Oct/2024:07:14:58 +0200] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 Keydrop"
... show less
Bad Web Bot
Web App Attack
urmarcht
2024-10-14 05:04:04
(1 month ago)
Bot attack detected : webscan vurnerability
Web App Attack
TPI-Abuse
2024-10-14 05:01:16
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 143.110.184.180 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 143.110.184.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 01:01:09.253825 2024] [security2:error] [pid 29961:tid 29961] [client 143.110.184.180:48246] [client 143.110.184.180] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.213"] [uri "/.env"] [unique_id "Zwyllf9BqrcxgKNlwoGDywAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack