๐ฟ๐ฆ
WolfAdmin.com
2025-04-27 06:00:00
(1 year ago)
Scanning for vulnerable files/URLs
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2025-04-26 05:12:47
(1 year ago)
4 attacks on env grabbing URLs:
GET /api/.env HTTP/1.1
Hacking
๐ซ๐ท
ingroscart.it
2025-04-26 02:48:25
(1 year ago)
(mod_security) mod_security triggered on hostname [redacted] 3.237.44.123 (US/United States/ec2-3-23 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 3.237.44.123 (US/United States/ec2-3-237-44-123.compute-1.amazonaws.com)
show less
SQL Injection
๐ซ๐ท
ecodehost.com
2025-04-26 02:37:01
(1 year ago)
Domain : MailEnable WebMail
Rule : env
2025-04-26 02:35:42 10.100.1.20 GET /.env - 443 - 3.237.44.12 ...
show more
Domain : MailEnable WebMail
Rule : env
2025-04-26 02:35:42 10.100.1.20 GET /.env - 443 - 3.237.44.123 Mozilla/5.0 (X11; Linux x86_64) - 404 0 2 428 - -
show less
Hacking
SQL Injection
๐ฉ๐ช
grassau.com
2025-04-26 02:28:01
(1 year ago)
(mod_security) mod_security triggered on hostname [redacted] 3.237.44.123 (US/United States/ec2-3-23 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 3.237.44.123 (US/United States/ec2-3-237-44-123.compute-1.amazonaws.com)
show less
SQL Injection
๐บ๐ธ
MogBox
2025-04-26 02:08:40
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 3.237.44.123 (US/United States/ec2-3-237-44-123 ...
show more
(mod_security) mod_security (id:210492) triggered by 3.237.44.123 (US/United States/ec2-3-237-44-123.compute-1.amazonaws.com): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Apr 25 22:08:35.648820 2025] [security2:error] [pid 2196328:tid 2196350] [remote 3.237.44.123:0] [client 3.237.44.123] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.mogbox.net"] [uri "/.env"] [unique_id "aAxAI5TLP1xQBYqWkHrlpwAAVBM"]
show less
Hacking
๐ฑ๐น
Evag Touf
2025-04-26 02:08:25
(1 year ago)
(mod_security) mod_security triggered on hostname [redacted] 3.237.44.123 (US/United States/-): (CF ...
show more
(mod_security) mod_security triggered on hostname [redacted] 3.237.44.123 (US/United States/-): (CF_ENABLE)
show less
SQL Injection
Anonymous
2025-04-26 02:05:46
(1 year ago)
(mod_security) mod_security triggered on hostname [redacted] 3.237.44.123 (US/United States/ec2-3-23 ...
show more
(mod_security) mod_security triggered on hostname [redacted] 3.237.44.123 (US/United States/ec2-3-237-44-123.compute-1.amazonaws.com)
show less
SQL Injection
๐บ๐ธ
TPI-Abuse
2025-04-26 02:05:29
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 3.237.44.123 (ec2-3-237-44-123.compute-1.amazon ...
show more
(mod_security) mod_security (id:210492) triggered by 3.237.44.123 (ec2-3-237-44-123.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 25 22:05:21.132091 2025] [security2:error] [pid 32311:tid 32311] [client 3.237.44.123:53570] [client 3.237.44.123] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.greensandbeans.us"] [uri "/.env"] [unique_id "aAw_YY0Ix1BqtokLJxVhQwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
mxinfra
2025-04-26 01:48:25
(1 year ago)
Blocked by Fail2Ban (plesk-modsecurity)
Hacking
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-04-26 01:41:34
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 3.237.44.123 (ec2-3-237-44-123.compute-1.amazon ...
show more
(mod_security) mod_security (id:210492) triggered by 3.237.44.123 (ec2-3-237-44-123.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 25 21:41:30.784997 2025] [security2:error] [pid 4856:tid 4856] [client 3.237.44.123:40830] [client 3.237.44.123] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.houstontenemosunproblema.com"] [uri "/.env"] [unique_id "aAw5yroi4lXgkA1r5qkZuAAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-04-26 01:25:41
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 3.237.44.123 (ec2-3-237-44-123.compute-1.amazon ...
show more
(mod_security) mod_security (id:210492) triggered by 3.237.44.123 (ec2-3-237-44-123.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 25 21:25:35.524702 2025] [security2:error] [pid 3605595:tid 3605595] [client 3.237.44.123:49212] [client 3.237.44.123] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kennythompson.com"] [uri "/.env"] [unique_id "aAw2D3JPEXpS-iNhCnNF_gAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-04-26 00:14:00
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 3.237.44.123 (ec2-3-237-44-123.compute-1.amazon ...
show more
(mod_security) mod_security (id:210492) triggered by 3.237.44.123 (ec2-3-237-44-123.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 25 20:13:53.360979 2025] [security2:error] [pid 4877:tid 4882] [client 3.237.44.123:33774] [client 3.237.44.123] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.wp.havacubvision.com"] [uri "/api/.env"] [unique_id "aAwlQWy2h0A-STjhejxpigAAAIM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2025-04-26 00:05:17
(1 year ago)
Too many Status 40X (11)
Brute-Force
Web App Attack
๐ฉ๐ช
Ba-Yu
2025-04-26 00:01:02
(1 year ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack