Anonymous
2025-08-11 12:20:38
(10 months ago)
AndroxGh0st.Malware
DDoS Attack
πΊπΈ
TPI-Abuse
2025-08-04 15:42:56
(10 months ago)
(mod_security) mod_security (id:210492) triggered by 193.24.210.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 193.24.210.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 04 11:42:52.147376 2025] [security2:error] [pid 9298:tid 9298] [client 193.24.210.106:56713] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.120"] [uri "/.env"] [unique_id "aJDU_BiTyMOA1KvTN6hvOQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
kkeyser
2025-08-04 15:39:16
(10 months ago)
GET /.env HTTP/1.1
Web App Attack
πΊπΈ
TPI-Abuse
2025-08-04 15:25:13
(10 months ago)
(mod_security) mod_security (id:210492) triggered by 193.24.210.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 193.24.210.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 04 11:25:08.084598 2025] [security2:error] [pid 15700:tid 15700] [client 193.24.210.106:58880] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.56"] [uri "/.env"] [unique_id "aJDQ1M4ZDVJ0y3J1uoFKZgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-08-04 15:10:12
(10 months ago)
(mod_security) mod_security (id:210492) triggered by 193.24.210.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 193.24.210.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 04 11:10:08.150970 2025] [security2:error] [pid 24747:tid 24747] [client 193.24.210.106:56860] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.162"] [uri "/.env"] [unique_id "aJDNUIkXpufenZGPHv-u2wAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
Starburst SysOp Team
2025-08-04 15:07:04
(10 months ago)
Host header is a numeric IP address. Pattern match "(?:^( (920350-iad5-2)
Hacking
Bad Web Bot
πΊπΈ
TPI-Abuse
2025-08-04 14:01:59
(10 months ago)
(mod_security) mod_security (id:210492) triggered by 193.24.210.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 193.24.210.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 04 10:01:53.660155 2025] [security2:error] [pid 3710:tid 3715] [client 193.24.210.106:53647] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.201"] [uri "/.env"] [unique_id "aJC9UT8L4V0KQecWZeBk7wAAAIM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-08-04 13:11:22
(10 months ago)
(mod_security) mod_security (id:210492) triggered by 193.24.210.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 193.24.210.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 04 09:11:13.317958 2025] [security2:error] [pid 3299:tid 3299] [client 193.24.210.106:53300] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.228"] [uri "/.env"] [unique_id "aJCxcQEWKvKJhzB6qZ5q9QAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
Mr-Money
2025-08-04 12:43:08
(10 months ago)
193.24.210.106 - - [04/Aug/2025:14:43:07 +0200] "GET /.env HTTP/1.1" 404 413 "-" "Mozilla/5.0 (X11; ...
show more
193.24.210.106 - - [04/Aug/2025:14:43:07 +0200] "GET /.env HTTP/1.1" 404 413 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
...
show less
Hacking
SQL Injection
Bad Web Bot
Exploited Host
Web App Attack
π¨π
SOC [GOLINE SA]
2025-08-04 12:01:38
(10 months ago)
FortiGate detected IPS attack from IPv4 address 193.24.210.106
Hacking
π©πͺ
ManagedStack
2025-08-04 12:00:02
(10 months ago)
Probing access to unauthorized locations
Hacking
Exploited Host
Web App Attack
π©πͺ
alliance
2025-08-04 11:38:50
(10 months ago)
04.08.2025 11:38:50 Environment file scan (/.env)
Hacking
Web App Attack
π©πͺ
Mr-Money
2025-08-04 10:33:17
(10 months ago)
193.24.210.106 - - [04/Aug/2025:12:33:16 +0200] "GET /.env HTTP/1.1" 404 493 "-" "Mozilla/5.0 (X11; ...
show more
193.24.210.106 - - [04/Aug/2025:12:33:16 +0200] "GET /.env HTTP/1.1" 404 493 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
...
show less
Hacking
SQL Injection
Bad Web Bot
Exploited Host
Web App Attack
πΊπΈ
jkhorvath.com
2025-08-04 10:07:23
(10 months ago)
Request for URL /.env
Phishing
Brute-Force
Web App Attack
Anonymous
2025-08-02 18:44:53
(11 months ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host