Cynar & Cinny
2024-11-14 16:12:36
(4 weeks ago)
httpd_block_log
Bad Web Bot
TPI-Abuse
2024-11-14 13:50:57
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 165.232.183.64 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 165.232.183.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 14 08:50:52.116716 2024] [security2:error] [pid 4730:tid 4730] [client 165.232.183.64:56012] [client 165.232.183.64] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.27"] [uri "/.env"] [unique_id "ZzYAPITEtfBqPlZUDRpwrAAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-14 13:32:29
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 165.232.183.64 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 165.232.183.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 14 08:32:24.687848 2024] [security2:error] [pid 25642:tid 25642] [client 165.232.183.64:40428] [client 165.232.183.64] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.64"] [uri "/.env"] [unique_id "ZzX76PHwOjHigfrK-VnO9QAAAFE"] show less
Brute-Force
Bad Web Bot
Web App Attack
lindi
2024-11-14 13:22:39
(4 weeks ago)
trying to access .env file
...
Hacking
Web App Attack
gumbysoft
2024-11-14 13:14:21
(4 weeks ago)
Too many HTTP Bad Requests
Bad Web Bot
sbk97 (https://sayor.online)
2024-11-14 13:09:53
(4 weeks ago)
GET / HTTP/1.0
Web App Attack
fstap
2024-11-14 13:05:54
(4 weeks ago)
"GET /.env HTTP/1.1"
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-14 12:48:58
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 165.232.183.64 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 165.232.183.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 14 07:48:51.331386 2024] [security2:error] [pid 29502:tid 29529] [client 165.232.183.64:53120] [client 165.232.183.64] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.134"] [uri "/.env"] [unique_id "ZzXxs5ElaEfhfV3IPNpUWwAAAVY"] show less
Brute-Force
Bad Web Bot
Web App Attack
MPL
2024-11-14 12:32:38
(4 weeks ago)
tcp/443 (6 or more attempts)
Port Scan
Anonymous
2024-11-14 12:31:21
(4 weeks ago)
Unsolicited multiport scan
Port Scan
Anonymous
2024-11-14 12:27:20
(4 weeks ago)
Nov 14 13:27:19 rendez-vous openvpn[1795]: 165.232.183.64:39116 Connection reset, restarting [0]
VPN IP
Port Scan
Web App Attack
TPI-Abuse
2024-11-14 12:22:21
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 165.232.183.64 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 165.232.183.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 14 07:22:15.515011 2024] [security2:error] [pid 3878:tid 3878] [client 165.232.183.64:41506] [client 165.232.183.64] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.6"] [uri "/.env"] [unique_id "ZzXrd2e_JSK1ykMIskYVWwAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
diego
2024-11-14 12:19:28
(4 weeks ago)
Events: TCP SYN Discovery or Flooding, Seen 3 times in the last 10800 seconds
DDoS Attack
Study Bitcoin 🤗
2024-11-14 12:13:00
(4 weeks ago)
Port probe to tcp/443 (https)
[srv132]
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
gurnip
2024-11-14 12:08:34
(4 weeks ago)
Vulnerability probe of page /.env, not found on server.
Brute-Force
Web App Attack