Anonymous
2024-10-11 02:57:47
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Bedios GmbH
2024-10-10 16:54:32
(1 month ago)
Login credentials theft attempt
Hacking
TPI-Abuse
2024-10-10 14:20:16
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 159.223.51.191 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 159.223.51.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 10 10:20:08.507746 2024] [security2:error] [pid 23869:tid 24065] [client 159.223.51.191:42920] [client 159.223.51.191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tennesseeplasticsurgeon.aafm.us"] [uri "/.env"] [unique_id "ZwfimMQb2Dx4Bq1HCcSGFAAAAMg"] show less
Brute-Force
Bad Web Bot
Web App Attack
mnsf
2024-10-10 12:03:17
(1 month ago)
Too many Status 40X (15)
Scanning/Probing (14)
Brute-Force
Web App Attack
COMAITE
2024-10-10 09:28:11
(1 month ago)
Multiple web server 400 error codes from same source ip 159.223.51.191.
Web App Attack
Smel
2024-10-10 08:22:02
(1 month ago)
HTTP/80/443/8080 Unauthorized Probe, Hack -
Hacking
Web App Attack
TPI-Abuse
2024-10-09 23:40:26
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 159.223.51.191 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 159.223.51.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 09 19:40:19.827528 2024] [security2:error] [pid 32033:tid 32033] [client 159.223.51.191:58224] [client 159.223.51.191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "templeantiques.com"] [uri "/.env"] [unique_id "ZwcUY8XhB0SczuX1C8hH-AAAABU"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-09 16:05:15
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-10-09 14:22:16
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 159.223.51.191 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 159.223.51.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 09 10:22:11.206470 2024] [security2:error] [pid 20504:tid 20504] [client 159.223.51.191:45470] [client 159.223.51.191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "telraproductions.tvstvnetworks.com"] [uri "/.env"] [unique_id "ZwaRk3MJvLeDe-QiwW5yLgAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-09 10:17:40
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 159.223.51.191 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 159.223.51.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 09 06:17:36.102411 2024] [security2:error] [pid 28804:tid 28804] [client 159.223.51.191:37172] [client 159.223.51.191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tell-me-first.com"] [uri "/.env"] [unique_id "ZwZYQGPidohEiM_eSJWlbgAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-09 05:23:41
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 159.223.51.191 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 159.223.51.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 09 01:23:34.635048 2024] [security2:error] [pid 14278:tid 14278] [client 159.223.51.191:43828] [client 159.223.51.191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teleplussolutions.com"] [uri "/.env"] [unique_id "ZwYTVmxznAkuptIukuRecQAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
BlueWire Hosting
2024-10-09 04:10:06
(1 month ago)
Scanning for Laravel vulnerabilities
Web App Attack
TPI-Abuse
2024-10-08 23:50:49
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 159.223.51.191 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 159.223.51.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 08 19:50:46.145857 2024] [security2:error] [pid 31900:tid 31900] [client 159.223.51.191:45862] [client 159.223.51.191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "telecompros.net"] [uri "/.env"] [unique_id "ZwXFVi4tO4d6Lj9jWX1WiQAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-08 23:30:20
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 159.223.51.191 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 159.223.51.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 08 19:30:13.245062 2024] [security2:error] [pid 16987:tid 17009] [client 159.223.51.191:39226] [client 159.223.51.191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "telecomdetectives.com.jameskeeton.com"] [uri "/.env"] [unique_id "ZwXAhbloWh7ut8uUxkez4wAAABM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-08 19:41:43
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 159.223.51.191 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 159.223.51.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 08 15:41:38.415770 2024] [security2:error] [pid 28675:tid 28675] [client 159.223.51.191:51400] [client 159.223.51.191] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tekrav.kuddlkat.com"] [uri "/.env"] [unique_id "ZwWK8iezNO63DnRczi0KhQAAABU"] show less
Brute-Force
Bad Web Bot
Web App Attack