sdos.es
2023-12-27 12:18:55
(11 months ago)
"Restricted File Access Attempt - Matched Data: /.env found within REQUEST_FILENAME: /local/.env"
Web App Attack
Anonymous
2023-12-27 08:01:42
(11 months ago)
Common attack or app scan event detected and blocked
Port Scan
Hacking
Web App Attack
geeek
2023-12-26 15:10:40
(11 months ago)
Port scanning: 554 TCP Blocked
Port Scan
Anonymous
2023-12-26 00:28:55
(11 months ago)
Login attempt: /cms
Hacking
Brute-Force
Web App Attack
Hazzard
2023-12-25 16:32:42
(11 months ago)
(mod_security) mod_security triggered on hostname [redacted]): (CF_ENABLE)
SQL Injection
mawan
2023-12-21 00:43:23
(11 months ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
mangomad
2023-12-18 22:43:05
(11 months ago)
Repeated Apache mod_security rule triggers
Brute-Force
Web App Attack
Security_Whaller
2023-12-18 10:35:18
(11 months ago)
Malicious activity detected on Honeypot.
Hacking
Brute-Force
Web App Attack
TPI-Abuse
2023-12-18 00:23:50
(11 months ago)
(mod_security) mod_security (id:210492) triggered by 216.73.161.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 17 19:23:40.355880 2023] [security2:error] [pid 30894] [client 216.73.161.63:33219] [client 216.73.161.63] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.89"] [uri "/.env.old"] [unique_id "ZX-RDD7mcjz1GWeIaLumOAAAAA8"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2023-12-17 16:20:19
(11 months ago)
(mod_security) mod_security (id:210492) triggered by 216.73.161.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 17 11:20:13.062113 2023] [security2:error] [pid 21312] [client 216.73.161.63:23343] [client 216.73.161.63] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.104"] [uri "/.env"] [unique_id "ZX8fvVhgMq6MmasbYtFLygAAAAM"]
Brute-Force
Bad Web Bot
Web App Attack
mawan
2023-12-17 06:56:58
(11 months ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
Anonymous
2023-12-16 16:49:31
(11 months ago)
Bot / scanning and/or hacking attempts: GET //wp-admin/dropdown.php HTTP/1.1, GET /marijuana.php HTTP/1.1, GET //cp.php HTTP/1.1, GET /ws.php HTTP/1.1, GET //wp-includes/blocks/table/int/tmpl/index.php HTTP/1.1, GET //mad.php HTTP/1.1, GET //ee.php HTTP/1.1, GET /cp.php HTTP/1.1, GET //ws.php HTTP/1.1, GET /mad.php HTTP/1.1, GET /text.php HTTP/1.1, GET /style.php HTTP/1.1, GET //wp-content/plugins/dzs-zoomsounds/1877.php HTTP/1.1, GET //marijuana.php HTTP/1.1, GET /wp-admin/dropdown.php HTTP/1.1, GET /clen.php HTTP/1.1, GET /wp-includes/blocks/table/int/tmpl/ HTTP/1.1, GET //wp-info.php HTTP/1.1, GET //style.php HTTP/1.1, GET //clen.php HTTP/1.1
Hacking
Web App Attack
TPI-Abuse
2023-12-16 15:18:37
(11 months ago)
(mod_security) mod_security (id:210492) triggered by 216.73.161.63 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 16 10:18:32.872352 2023] [security2:error] [pid 19266] [client 216.73.161.63:30199] [client 216.73.161.63] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "321q.com"] [uri "/.env"] [unique_id "ZX2_yFs7Kycqlmc3b14HSAAAAAU"]
Brute-Force
Bad Web Bot
Web App Attack
Hirte
2023-12-14 10:30:33
(11 months ago)
MYH: Web Attack GET //wp-content/plugins/linkpreview/wp-blog.php
Web Spam
Hacking
Bad Web Bot
Web App Attack
mnsf
2023-12-12 22:02:25
(11 months ago)
Too many Status 40X (45)
Brute-Force
Web App Attack