TPI-Abuse
2024-11-11 16:50:07
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 165.227.172.171 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 165.227.172.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 11 11:50:03.685246 2024] [security2:error] [pid 26049:tid 26055] [client 165.227.172.171:45846] [client 165.227.172.171] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.178"] [uri "/.env"] [unique_id "ZzI1u4lfQ7qL3ahLFqClNwAAAMQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
BlueBird Web
2024-11-11 16:46:05
(2 months ago)
Web App Attack
sdos.es
2024-11-11 16:04:43
(2 months ago)
"Restricted File Access Attempt - Matched Data: /.env found within REQUEST_FILENAME: /.env"
Web App Attack
FEWA
2024-11-11 15:36:47
(2 months ago)
Fail2Ban Ban Triggered
Hacking
Bad Web Bot
Web App Attack
MogBox
2024-11-11 15:33:48
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 165.227.172.171 (DE/Germany/-): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 165.227.172.171 (DE/Germany/-): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Mon Nov 11 10:33:45.029583 2024] [security2:error] [pid 3974498:tid 3974527] [client 165.227.172.171:35162] [client 165.227.172.171] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "67.225.186.60"] [uri "/.env"] [unique_id "ZzIj2fJL-V_H99EjlqnwkAAAAAI"] show less
Hacking
Security_Whaller
2024-11-11 15:32:58
(2 months ago)
Malicious activity detected on Honeypot.
Hacking
Brute-Force
Web App Attack
TPI-Abuse
2024-11-11 14:55:54
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 165.227.172.171 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 165.227.172.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 11 09:55:51.662140 2024] [security2:error] [pid 12979:tid 12979] [client 165.227.172.171:37168] [client 165.227.172.171] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.195"] [uri "/.env"] [unique_id "ZzIa9zuqlDvudEYTdmgomAAAAB4"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-11 14:29:14
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 165.227.172.171 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 165.227.172.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 11 09:29:09.143093 2024] [security2:error] [pid 684:tid 684] [client 165.227.172.171:36728] [client 165.227.172.171] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.119"] [uri "/.env"] [unique_id "ZzIUtUjfULzgMKKwGC-VQAAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
sid3windr
2024-11-11 14:13:41
(2 months ago)
GET /.env (Tarpitted for , wasted 0B)
Web App Attack
TPI-Abuse
2024-11-11 13:49:04
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 165.227.172.171 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 165.227.172.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 11 08:48:58.720075 2024] [security2:error] [pid 17100:tid 17100] [client 165.227.172.171:40014] [client 165.227.172.171] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.247"] [uri "/.env"] [unique_id "ZzILSgJ1uTCwO_TFWmt4ZgAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
PaulSep
2024-11-11 13:40:37
(2 months ago)
2024-11-11T14:40:36+01:00 [redacted] [Mon Nov 11 14:40:36.171313 2024] [core:info] [pid 6338:tid 140 ... show more 2024-11-11T14:40:36+01:00 [redacted] [Mon Nov 11 14:40:36.171313 2024] [core:info] [pid 6338:tid 140461217879744] [client 165.227.172.171:49705] AH00128: File does not exist: /var/services/web/.env show less
Hacking
KPS
2024-11-11 13:22:46
(2 months ago)
PortscanM
Port Scan
TPI-Abuse
2024-11-11 13:20:01
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 165.227.172.171 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 165.227.172.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 11 08:19:56.724086 2024] [security2:error] [pid 21182:tid 21182] [client 165.227.172.171:59110] [client 165.227.172.171] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.236"] [uri "/.env"] [unique_id "ZzIEfJSuoPiWFwZBLsb6YQAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
ASPAN
2024-11-11 13:01:13
(2 months ago)
Unsolicited connection attempt(s), port:443.
Port Scan
ASPAN
2024-11-11 13:01:13
(2 months ago)
Unsolicited connection attempt(s), port:443.
Port Scan