pmouse
2024-12-04 20:35:13
(1 day ago)
originated or passed SPAM,UCE
Email Spam
Starburst SysOp Team
2024-12-01 13:26:20
(4 days ago)
(mod_security-custom) mod_security (id:210492) triggered by 23.148.146.27 (US/United States/-): 1 in ... show more (mod_security-custom) mod_security (id:210492) triggered by 23.148.146.27 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [Sun Dec 01 13:26:16.674412 2024] [:error] [pid 2812791:tid 2812821] [client 23.148.146.27:62405] [client 23.148.146.27] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "62.72.43.131"] [uri "/.env"] [unique_id "Z0xj-Cf1VYpDRL9jTmiYcQAAANg"] show less
Hacking
Starburst SysOp Team
2024-12-01 13:26:00
(4 days ago)
[Sun Dec 01 13:26:16.674412 2024] [:error] [pid 2812791:tid 2812821] [client 23.148.146.27:62405] [c ... show more [Sun Dec 01 13:26:16.674412 2024] [:error] [pid 2812791:tid 2812821] [client 23.148.146.27:62405] [client 23.148.146.27] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "62.72.43.131"] [uri "/.env"] [unique_id "Z0xj-Cf1VYpDRL9jTmiYcQAAANg"] show less
Hacking
Brute-Force
Web App Attack
Starburst SysOp Team
2024-12-01 13:24:00
(4 days ago)
[Sun Dec 01 13:24:34.071931 2024] [:error] [pid 2893330:tid 2893371] [client 23.148.146.27:59191] [c ... show more [Sun Dec 01 13:24:34.071931 2024] [:error] [pid 2893330:tid 2893371] [client 23.148.146.27:59191] [client 23.148.146.27] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "62.72.43.129"] [uri "/.env"] [unique_id "Z0xjkr1MbBzGhfLB2b43-QAAANE"] show less
Hacking
Brute-Force
Web App Attack
Starburst SysOp Team
2024-12-01 13:10:23
(4 days ago)
(mod_security-custom) mod_security (id:210492) triggered by 23.148.146.27 (US/United States/-): 1 in ... show more (mod_security-custom) mod_security (id:210492) triggered by 23.148.146.27 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [Sun Dec 01 13:10:20.161961 2024] [:error] [pid 1042703:tid 1042722] [client 23.148.146.27:55428] [client 23.148.146.27] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "94.136.185.162"] [uri "/.env"] [unique_id "Z0xgPAHrMw43nI6EJyqKYQAAANE"] show less
Hacking
findlab
2024-11-29 21:50:01
(6 days ago)
Backdrop CMS module - malicious activity detected
Bad Web Bot
Web App Attack
WebNiraj
2024-11-29 14:34:44
(6 days ago)
(mod_security) mod_security (id:949110) triggered by 23.148.146.27 (-): 5 in the last 3600 secs
Brute-Force
vfAcceloReporter
2024-11-29 10:49:02
(6 days ago)
23.148.146.27 - - [29/Nov/2024:07:49:01 -0300] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Macint ... show more 23.148.146.27 - - [29/Nov/2024:07:49:01 -0300] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
... show less
Brute-Force
Exploited Host
Web App Attack
octageeks.com
2024-11-27 05:06:37
(1 week ago)
Wordpress malicious attack:[octablocked]
Web App Attack
conseilgouz
2024-11-26 07:59:12
(1 week ago)
ame-Direct access to plugin not allowed
Hacking
TPI-Abuse
2024-11-26 06:00:09
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 23.148.146.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 23.148.146.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 26 00:59:54.641491 2024] [security2:error] [pid 15708:tid 15708] [client 23.148.146.27:61383] [client 23.148.146.27] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "skinnywheels.com"] [uri "/.env"] [unique_id "Z0Vj2he9Jg-ukm5SQBTZ1QAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-25 03:29:01
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 23.148.146.27 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 23.148.146.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 24 22:28:44.347002 2024] [security2:error] [pid 14907:tid 14907] [client 23.148.146.27:62809] [client 23.148.146.27] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.spaceritual.net"] [uri "/dinur/.env"] [unique_id "Z0Pu7EJCjLa3UnHmo3jZUwAAABM"] show less
Brute-Force
Bad Web Bot
Web App Attack
penjaga BRIN
2024-11-24 05:05:20
(1 week ago)
apache-alfa-111
Web App Attack
Burayot
2024-11-24 04:59:52
(1 week ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 23.148.146.27 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 23.148.146.27 (US/United States/-): 1 in the last 3600 secs show less
Web App Attack
CrystalMaker
2024-11-19 21:22:00
(2 weeks ago)
Vulnerability scan - GET /_profiler/empty/search/results
Hacking