TPI-Abuse
2024-08-05 21:46:32
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 185.112.83.96 (selective-scissors.aeza.network) ... show more (mod_security) mod_security (id:210492) triggered by 185.112.83.96 (selective-scissors.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 17:46:27.213798 2024] [security2:error] [pid 14030:tid 14030] [client 185.112.83.96:54212] [client 185.112.83.96] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.28"] [uri "/.env"] [unique_id "ZrFIMyMOrBabHxCAPFv6wAAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-05 19:50:58
(2 months ago)
185.112.83.96 - - [05/Aug/2024:21:50:57 +0200] "GET /.env HTTP/1.1" 403 4986 "-" "python-requests/2. ... show more 185.112.83.96 - - [05/Aug/2024:21:50:57 +0200] "GET /.env HTTP/1.1" 403 4986 "-" "python-requests/2.32.3"
... show less
Web App Attack
TPI-Abuse
2024-08-05 19:32:03
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 185.112.83.96 (selective-scissors.aeza.network) ... show more (mod_security) mod_security (id:210492) triggered by 185.112.83.96 (selective-scissors.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 15:31:55.686933 2024] [security2:error] [pid 6188:tid 6199] [client 185.112.83.96:63307] [client 185.112.83.96] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.86"] [uri "/.env"] [unique_id "ZrEoq7iWv1Mf9yJVHb_QJwAAAIk"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-05 18:19:55
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 185.112.83.96 (selective-scissors.aeza.network) ... show more (mod_security) mod_security (id:210492) triggered by 185.112.83.96 (selective-scissors.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 14:19:51.206750 2024] [security2:error] [pid 30664:tid 30664] [client 185.112.83.96:63466] [client 185.112.83.96] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.169"] [uri "/.env"] [unique_id "ZrEXxy7Meg8nCtXY1O_7CQAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
w-e-c-l-o-u-d-i-t
2024-08-05 18:15:59
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 185.112.83.96 (US/United States/selective-sciss ... show more (mod_security) mod_security (id:210492) triggered by 185.112.83.96 (US/United States/selective-scissors.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 0; Trigger: LF_MODSEC show less
Brute-Force
SSH
MPL
2024-08-05 12:50:31
(2 months ago)
tcp/443
Port Scan
MPL
2024-08-05 12:50:31
(2 months ago)
tcp/443
Port Scan
Countryman
2024-08-05 12:40:51
(2 months ago)
repeated unauthorized connection attempts, host sweep, port scan
Port Scan
MPL
2024-08-05 11:07:13
(2 months ago)
tcp/443 (2 or more attempts)
Port Scan
MPL
2024-08-05 06:53:14
(2 months ago)
tcp/443
Port Scan
abuse_IP_reporter
2024-08-05 06:45:14
(2 months ago)
Aug 5 09:34:53 server UFW BLOCK SRC=185.112.83.96 PROTO=TCP SPT=52889 DPT=443
Port Scan
MPL
2024-08-05 06:08:23
(2 months ago)
tcp/443 (3 or more attempts)
Port Scan
MPL
2024-08-05 02:54:27
(2 months ago)
tcp/443
Port Scan
MPL
2024-08-05 02:54:27
(2 months ago)
tcp/443
Port Scan
MPL
2024-08-04 17:40:59
(2 months ago)
tcp/443 (2 or more attempts)
Port Scan