octageeks.com
|
|
Wordpress malicious attack:[octablocked]
|
Web App Attack
|
|
service Informatique
|
|
GET /.env
|
Web App Attack
|
|
JPPO
|
|
GET /.env or GET //.env with or without prefix /api ...
|
Web App Attack
|
|
Anonymous
|
|
Malicious activity detected
|
Hacking
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 162.243.6.146 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 162.243.6.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 13 10:28:10.273619 2024] [security2:error] [pid 23969:tid 23969] [client 162.243.6.146:33872] [client 162.243.6.146] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.88"] [uri "/.env"] [unique_id "Z1xSikzk1XZn2XruxDl14wAAAAY"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Interceptor_HQ
|
|
request_uri: /.env -- automatic report --
|
Hacking
Brute-Force
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 162.243.6.146 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 162.243.6.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 13 10:10:39.326199 2024] [security2:error] [pid 3797046:tid 3797046] [client 162.243.6.146:49816] [client 162.243.6.146] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.100"] [uri "/.env"] [unique_id "Z1xObxyWM9iDjjq1hKaamwAAABY"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
BlueWire Hosting
|
|
Scanning for Laravel vulnerabilities
|
Web App Attack
|
|
MPL
|
|
tcp/443 (4 or more attempts)
|
Port Scan
|
|
Countryman
|
|
repeated unauthorized connection attempts, host sweep, port scan
|
Port Scan
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 162.243.6.146 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 162.243.6.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 13 09:54:10.031073 2024] [security2:error] [pid 16427:tid 16427] [client 162.243.6.146:46468] [client 162.243.6.146] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.19"] [uri "/.env"] [unique_id "Z1xKklAheCFlQzyPEBr8RgAAAAo"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
162.243.6.146 - - [13/Dec/2024:14:41:25 +0000] "GET /.env HTTP/1.1" 404 11 "-" "Mozilla/5.0 Keydrop" ... show more162.243.6.146 - - [13/Dec/2024:14:41:25 +0000] "GET /.env HTTP/1.1" 404 11 "-" "Mozilla/5.0 Keydrop"
... show less
|
Hacking
Web App Attack
|
|
Bedios GmbH
|
|
Login credentials theft attempt
|
Hacking
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 162.243.6.146 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 162.243.6.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 13 09:33:31.998834 2024] [security2:error] [pid 22233:tid 22233] [client 162.243.6.146:56520] [client 162.243.6.146] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.148"] [uri "/.env"] [unique_id "Z1xFu91pd0gZAf1aTmjPugAAAAc"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
onkeltom
|
|
Multiple unauthorized connection attempts
|
Hacking
Brute-Force
|
|