ToDi
2024-12-05 16:02:42
(44 minutes ago)
WebAttack or similar from 213.35.107.8
Web App Attack
Anonymous
2024-12-05 14:23:48
(2 hours ago)
$f2bV_matches
Brute-Force
cmbplf
2024-12-05 13:31:58
(3 hours ago)
263 requests to *.env
Brute-Force
Bad Web Bot
paissangroup
2024-12-05 13:15:09
(3 hours ago)
Multiple WAF Violations
Web App Attack
joetaylor.dev
2024-12-05 12:59:57
(3 hours ago)
[05/Dec/2024:12:59:06.754266 +0000] Z1Gjmkmg4TmeS40h6gNqcQAAAIY 213.35.107.8 32946 127.0.0.1 7081
[05/Dec/2024:12:59:09.340650 +0000] Z1GjnUmg4TmeS40h6gNqcgAAAI4 213.35.107.8 37254 127.0.0.1 7081
[05/Dec/2024:12:59:12.097460 +0000] Z1GjoEmg4TmeS40h6gNqcwAAAIc 213.35.107.8 37258 127.0.0.1 7081
Hacking
Web App Attack
TPI-Abuse
2024-12-04 04:10:21
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 213.35.107.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 03 23:10:18.436597 2024] [security2:error] [pid 1879086:tid 1879086] [client 213.35.107.8:54327] [client 213.35.107.8] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.brushofmagic.com"] [uri "/.env"] [unique_id "Z0_WKmqG9sXHklUlbTeIxwAAACE"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-04 01:08:28
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 213.35.107.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 03 20:08:23.836340 2024] [security2:error] [pid 9536:tid 9536] [client 213.35.107.8:65075] [client 213.35.107.8] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.equityvestor.com"] [uri "/.env"] [unique_id "Z0-rh-nTRiR7beZwtaQwPgAAABQ"]
Brute-Force
Bad Web Bot
Web App Attack
w-e-c-l-o-u-d-i-t
2024-12-04 00:48:42
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 213.35.107.8 (GB/United Kingdom/-): 1 in the last 28800 secs; Ports: *; Direction: 0; Trigger: LF_MODSEC
Brute-Force
SSH
TPI-Abuse
2024-12-03 11:34:20
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 213.35.107.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 03 06:34:16.989796 2024] [security2:error] [pid 17205:tid 17205] [client 213.35.107.8:56535] [client 213.35.107.8] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "awinwinsolution4u.ceitampa.com"] [uri "/.env"] [unique_id "Z07suL7puoFk_iXbINkBvAAAAAA"]
Brute-Force
Bad Web Bot
Web App Attack
Trueforce Threat Report
2024-12-03 11:24:14
(2 days ago)
Automated report, trolling for resource vulnerabilities
Bad Web Bot
Web App Attack
Anonymous
2024-12-03 06:31:38
(2 days ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-12-02 12:01:06
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 213.35.107.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 07:00:59.694253 2024] [security2:error] [pid 13226:tid 13226] [client 213.35.107.8:49343] [client 213.35.107.8] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.sexeffects.org"] [uri "/.env"] [unique_id "Z02he3RIBPYAlBMCsIvVlAAAAAE"]
Brute-Force
Bad Web Bot
Web App Attack
zynex
2024-12-02 11:43:38
(3 days ago)
URL Probing: /.env
Web App Attack
TPI-Abuse
2024-12-02 09:46:50
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 213.35.107.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 04:46:46.570190 2024] [security2:error] [pid 29485:tid 29485] [client 213.35.107.8:60767] [client 213.35.107.8] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.weddingbellesclarksville.com"] [uri "/.env"] [unique_id "Z02CBvQKLaui6pDRk8sefAAAAAA"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-02 07:05:17
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 213.35.107.8 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 02:05:10.566751 2024] [security2:error] [pid 18692:tid 18692] [client 213.35.107.8:49379] [client 213.35.107.8] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "application.oxfordgliding.com"] [uri "/.env"] [unique_id "Z01cJpqUpcsvjvWiK-tmAgAAAAA"]
Brute-Force
Bad Web Bot
Web App Attack