|
๐บ๐ธ
ipblock.com
|
|
IPBlock protected site ID [4055-d][s=04].
Exploit request, vulnerability scanner.
|
Hacking
Bad Web Bot
Web App Attack
|
|
|
๐ง๐ท
hostseries
|
|
Trigger: LF_DISTATTACK
|
Brute-Force
|
|
|
๐ฉ๐ช
botreporter
|
|
CMS vulnerability/installation scanning
|
Brute-Force
Web App Attack
|
|
|
๐ซ๐ท
IRISIO
|
|
scans/SQL injection/spam posts : 93 queries
|
SQL Injection
Web App Attack
|
|
|
๐ง๐ช
cmbplf
|
|
125 requests with url.path *.env
|
Brute-Force
Bad Web Bot
|
|
|
๐ฉ๐ช
conseilgouz
|
|
vee-12 : Block return, carriage return, ... characters=>/?query=%22%3E%3Ch1%3Ehacklaplanete%3C/h1%3E ...
show more
vee-12 : Block return, carriage return, ... characters=>/?query=%22%3E%3Ch1%3Ehacklaplanete%3C/h1%3E&s=%22%3E%3Ch1%3Ehacklaplanete%3C/h1%3E&search=%...(>)
show less
|
Hacking
|
|
|
๐ง๐ช
holos.pt
|
|
Blocked for Directory Traversal (Requesting wp-config.php) in query string: ../wp-config.php
|
Web App Attack
|
|
|
๐บ๐ธ
thefoofighter
|
|
[Fri Jun 06 04:59:40.032500 2025] [:error] [pid 3737120] [client 193.148.19.8:5953] [client 193.148. ...
show more
[Fri Jun 06 04:59:40.032500 2025] [:error] [pid 3737120] [client 193.148.19.8:5953] [client 193.148.19.8] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "sourcemodding.com"] [uri "/docker-compose.yml"] [unique_id "aEJ1vJ9-vkHDOUnPfqIqYQAAAFE"]
[Fri Jun 06 04:59:40.181041 2025] [:error] [pid 3737108] [client 193.148.19.8:5812] [client 193.148.19.8] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_
...
show less
|
Bad Web Bot
Web App Attack
|
|
|
๐ซ๐ท
Sklurk
|
|
Web App Attack
|
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 193.148.19.8 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 193.148.19.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 05 20:58:13.611618 2025] [security2:error] [pid 2848155:tid 2848155] [client 193.148.19.8:5936] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "renju.net"] [uri "/.git/config"] [unique_id "aEI9JXWxKIAVb1Ef8g5hGAAAAAU"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ซ๐ท
dynamix
|
|
Multiple WAF Violations
|
Web App Attack
|
|
|
๐ต๐ฑ
nfsec.pl
|
|
193.148.19.8 - - [05/Jun/2025:22:58:01 +0200] "GET /wp-content/themes/.git/config HTTP/1.1" 403 413 ...
show more
193.148.19.8 - - [05/Jun/2025:22:58:01 +0200] "GET /wp-content/themes/.git/config HTTP/1.1" 403 413 "-" "Mozilla/5.0 (Linux; Android 11; SAMSUNG SM-G973U) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/14.2 Chrome/87.0.4280.141 Mobile Safari/537.36"
193.148.19.8 - - [05/Jun/2025:22:58:02 +0200] "GET /?query=%22%3E%3Ch1%3Ehacklaplanete%3C/h1%3E&s=%22%3E%3Ch1%3Ehacklaplanete%3C/h1%3E&search=%22%3E%3Ch1%3Ehacklaplanete%3C/h1%3E&q=%22%3E%3Ch1%3Ehacklaplanete%3C/h1%3E HTTP/1.1" 403 7741 "-" "python-requests/2.32.3"
193.148.19.8 - - [05/Jun/2025:22:58:03 +0200] "GET /search?query=%22%3E%3Ch1%3Ehacklaplanete%3C/h1%3E&s=%22%3E%3Ch1%3Ehacklaplanete%3C/h1%3E&search=%22%3E%3Ch1%3Ehacklaplanete%3C/h1%3E&q=%22%3E%3Ch1%3Ehacklaplanete%3C/h1%3E HTTP/1.1" 403 7741 "-" "python-requests/2.32.3"
193.148.19.8 - - [05/Jun/2025:22:58:09 +0200] "GET /wp-content/plugins/apikey/apikey.php?test=hello HTTP/1.1" 404 30694 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:28.0) Gecko/20100101 Firefox/28.0"
193.
...
show less
|
Exploited Host
Web App Attack
|
|
|
๐ซ๐ท
COMAITE
|
|
Multiple web server 400 error codes from same source ip 193.148.19.8.
|
Web App Attack
|
|
|
๐บ๐ธ
nationaleventpros.com
|
|
vulnerability scan
|
Web App Attack
|
|
|
๐ฉ๐ช
ps-center
|
|
MYH: Web Attack GET /admin/.env
|
Web Spam
Hacking
Bad Web Bot
Web App Attack
|
|