LTM
2024-08-15 06:20:02
(1 month ago)
WebServer - Attempts to exploit
Hacking
Brute-Force
Web App Attack
TPI-Abuse
2024-08-14 09:08:20
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 176.8.250.233 (176-8-250-233.broadband.kyivstar ... show more (mod_security) mod_security (id:210492) triggered by 176.8.250.233 (176-8-250-233.broadband.kyivstar.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 14 05:08:14.352797 2024] [security2:error] [pid 4336:tid 4477] [client 176.8.250.233:53796] [client 176.8.250.233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "paylessformedicine.com"] [uri "/.env"] [unique_id "Zrxz_mdfGlfJXOYyFNNE6QAAAMY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-14 08:06:20
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 176.8.250.233 (176-8-250-233.broadband.kyivstar ... show more (mod_security) mod_security (id:210492) triggered by 176.8.250.233 (176-8-250-233.broadband.kyivstar.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 14 04:06:15.576453 2024] [security2:error] [pid 20119:tid 20119] [client 176.8.250.233:62642] [client 176.8.250.233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lundtrading.com"] [uri "/.env"] [unique_id "ZrxldwFfPUStBXg0se2j1gAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-14 06:07:34
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 176.8.250.233 (176-8-250-233.broadband.kyivstar ... show more (mod_security) mod_security (id:210492) triggered by 176.8.250.233 (176-8-250-233.broadband.kyivstar.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 14 02:07:27.739649 2024] [security2:error] [pid 6867:tid 6867] [client 176.8.250.233:65063] [client 176.8.250.233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "collectablecryptos.com"] [uri "/.env"] [unique_id "ZrxJn0gTyOPg1cGkMeblVQAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-08-14 05:02:01
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-08-14 03:27:37
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 176.8.250.233 (176-8-250-233.broadband.kyivstar ... show more (mod_security) mod_security (id:210492) triggered by 176.8.250.233 (176-8-250-233.broadband.kyivstar.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 13 23:27:31.869955 2024] [security2:error] [pid 21310:tid 21310] [client 176.8.250.233:63211] [client 176.8.250.233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "trademartghana.com"] [uri "/.env"] [unique_id "ZrwkI0ihjvtUkTHJVrZ1AAAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
Hydra-Shield.fr
2024-08-13 19:42:35
(1 month ago)
Directory Traversal on: /.env
Web App Attack
TPI-Abuse
2024-08-12 00:13:46
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 176.8.250.233 (176-8-250-233.broadband.kyivstar ... show more (mod_security) mod_security (id:210492) triggered by 176.8.250.233 (176-8-250-233.broadband.kyivstar.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 11 20:13:40.374734 2024] [security2:error] [pid 9879:tid 9879] [client 176.8.250.233:62578] [client 176.8.250.233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "otrantocapital.com"] [uri "/.env"] [unique_id "ZrlTtMgjQ6NnPegoZkyHdAAAABg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-11 21:28:24
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 176.8.250.233 (176-8-250-233.broadband.kyivstar ... show more (mod_security) mod_security (id:210492) triggered by 176.8.250.233 (176-8-250-233.broadband.kyivstar.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 11 17:28:19.584130 2024] [security2:error] [pid 24732:tid 24732] [client 176.8.250.233:54225] [client 176.8.250.233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coalminer.com"] [uri "/.env"] [unique_id "Zrks85UGWBN-pan-AS1m0gAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-11 20:36:25
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 176.8.250.233 (176-8-250-233.broadband.kyivstar ... show more (mod_security) mod_security (id:210492) triggered by 176.8.250.233 (176-8-250-233.broadband.kyivstar.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 11 16:36:19.701632 2024] [security2:error] [pid 7406:tid 7406] [client 176.8.250.233:57944] [client 176.8.250.233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ballast-capital.com"] [uri "/.env"] [unique_id "Zrkgw8p5zuwaf3tleL4IvQAAABM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-11 20:09:33
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 176.8.250.233 (176-8-250-233.broadband.kyivstar ... show more (mod_security) mod_security (id:210492) triggered by 176.8.250.233 (176-8-250-233.broadband.kyivstar.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 11 16:09:27.857200 2024] [security2:error] [pid 23460:tid 23460] [client 176.8.250.233:52157] [client 176.8.250.233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "casapapayasanmiguel.com"] [uri "/.env"] [unique_id "Zrkad5HBj1fMDLrkVkxKNwAAABc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-11 15:29:45
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 176.8.250.233 (176-8-250-233.broadband.kyivstar ... show more (mod_security) mod_security (id:210492) triggered by 176.8.250.233 (176-8-250-233.broadband.kyivstar.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 11 11:29:39.881337 2024] [security2:error] [pid 8187:tid 8187] [client 176.8.250.233:58202] [client 176.8.250.233] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jmarkcapital.com"] [uri "/.env"] [unique_id "ZrjY44Ydtd_3UECw6OQkowAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
Hydra-Shield.fr
2024-08-11 14:55:29
(1 month ago)
Directory Traversal on: /.env
Web App Attack
ozisp.com.au
2024-08-11 14:23:13
(1 month ago)
UA__<33>1723386191 [1:2031502:4] ET INFO Request to Hidden Environment File - Inbound [Classificatio ... show more UA__<33>1723386191 [1:2031502:4] ET INFO Request to Hidden Environment File - Inbound [Classification: Misc activity] [Priority: 3] {TCP} 176.8.250.233:64470 show less
Hacking
FireballDWF
2024-08-11 12:00:06
(1 month ago)
404 NOT FOUND
Web App Attack