BlueWire Hosting
2024-12-01 05:10:11
(1 week ago)
Scanning for Laravel vulnerabilities
Web App Attack
TPI-Abuse
2024-12-01 05:09:09
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 3.79.207.133 (ec2-3-79-207-133.eu-central-1.com ... show more (mod_security) mod_security (id:210492) triggered by 3.79.207.133 (ec2-3-79-207-133.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 01 00:09:04.346067 2024] [security2:error] [pid 7804:tid 7804] [client 3.79.207.133:48432] [client 3.79.207.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.photoboutiqueamerica.com"] [uri "/.env"] [unique_id "Z0vvcNw_vjZ7bh_80OF2DAAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-01 04:35:11
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 3.79.207.133 (ec2-3-79-207-133.eu-central-1.com ... show more (mod_security) mod_security (id:210492) triggered by 3.79.207.133 (ec2-3-79-207-133.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 23:35:03.692350 2024] [security2:error] [pid 28093:tid 28093] [client 3.79.207.133:34338] [client 3.79.207.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "innolympics.com"] [uri "/.env"] [unique_id "Z0vnd8WC9DWcB4Xt9lTl0QAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-01 03:56:45
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 3.79.207.133 (ec2-3-79-207-133.eu-central-1.com ... show more (mod_security) mod_security (id:210492) triggered by 3.79.207.133 (ec2-3-79-207-133.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 22:56:41.677092 2024] [security2:error] [pid 14293:tid 14293] [client 3.79.207.133:57520] [client 3.79.207.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.homecheckinmaine.com"] [uri "/.env"] [unique_id "Z0veeXvI0COHR3xv9K8F3AAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-12-01 03:20:12
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-12-01 02:20:09
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 3.79.207.133 (ec2-3-79-207-133.eu-central-1.com ... show more (mod_security) mod_security (id:210492) triggered by 3.79.207.133 (ec2-3-79-207-133.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 21:20:03.265885 2024] [security2:error] [pid 2666794:tid 2666794] [client 3.79.207.133:40604] [client 3.79.207.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "toptek.com"] [uri "/.env"] [unique_id "Z0vH0_qITMkisukMPuwJBgAAABI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-01 02:03:54
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 3.79.207.133 (ec2-3-79-207-133.eu-central-1.com ... show more (mod_security) mod_security (id:210492) triggered by 3.79.207.133 (ec2-3-79-207-133.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 21:03:44.366921 2024] [security2:error] [pid 3859:tid 3859] [client 3.79.207.133:51310] [client 3.79.207.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tonysargbooks.com"] [uri "/.env"] [unique_id "Z0vEALX5q7lab4Gza2gb_gAAABY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-01 01:40:51
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 3.79.207.133 (ec2-3-79-207-133.eu-central-1.com ... show more (mod_security) mod_security (id:210492) triggered by 3.79.207.133 (ec2-3-79-207-133.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 20:40:47.224123 2024] [security2:error] [pid 5261:tid 5283] [client 3.79.207.133:56646] [client 3.79.207.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fluitles.eu"] [uri "/.env"] [unique_id "Z0u-n-J7TzW7VQD4aURUQQAAAFQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Gwyneth Llewelyn
2024-12-01 01:39:54
(1 week ago)
3.79.207.133 - - [01/Dec/2024:01:39:52 +0000] "GET /.env HTTP/2.0" 301 162 "-" "Mozilla/5.0 (X11; Li ... show more 3.79.207.133 - - [01/Dec/2024:01:39:52 +0000] "GET /.env HTTP/2.0" 301 162 "-" "Mozilla/5.0 (X11; Linux x86_64)"
2024/12/01 01:39:52 [error] 317268#317268: *12834357 access forbidden by rule, client: 3.79.207.133, server: feminina.eu, request: "GET /.env HTTP/2.0", host: "feminina.eu", referrer: "https://www.feminina.eu/.env"
3.79.207.133 - - [01/Dec/2024:01:39:52 +0000] "GET /.env HTTP/2.0" 403 95 "https://www.feminina.eu/.env" "Mozilla/5.0 (X11; Linux x86_64)" show less
Web App Attack
MSZ
2024-12-01 01:32:18
(1 week ago)
Blocked by Fail2Ban (plesk-modsecurity)
Hacking
Brute-Force
Web App Attack
TPI-Abuse
2024-12-01 01:18:58
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 3.79.207.133 (ec2-3-79-207-133.eu-central-1.com ... show more (mod_security) mod_security (id:210492) triggered by 3.79.207.133 (ec2-3-79-207-133.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 20:18:51.333443 2024] [security2:error] [pid 20918:tid 20918] [client 3.79.207.133:53952] [client 3.79.207.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kurikka.eu"] [uri "/.env"] [unique_id "Z0u5ewP_4LHAgjCPMtleOgAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
el-brujo
2024-12-01 01:07:57
(1 week ago)
01/Dec/2024:02:07:57.555421 +0100Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client ... show more 01/Dec/2024:02:07:57.555421 +0100Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 3.79.207.133] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_FILENAME. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.env found within REQUEST_FILENAME: /.env"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "www.hostench.eu"] [uri "/.env"] [unique_id "Z0u27cBPRpf6llcJI6ObhwADqCw"]
... show less
Hacking
Web App Attack
penjaga BRIN
2024-12-01 00:08:00
(1 week ago)
apache-alfa-111
Web App Attack
Burayot
2024-12-01 00:02:53
(1 week ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 3.79.207.133 (DE/Germany/ec2-3-79-20 ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 3.79.207.133 (DE/Germany/ec2-3-79-207-133.eu-central-1.compute.amazonaws.com): 1 in the last 3600 secs show less
Web App Attack
TPI-Abuse
2024-11-30 23:33:08
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 3.79.207.133 (ec2-3-79-207-133.eu-central-1.com ... show more (mod_security) mod_security (id:210492) triggered by 3.79.207.133 (ec2-3-79-207-133.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 18:33:03.252620 2024] [security2:error] [pid 22760:tid 22816] [client 3.79.207.133:42442] [client 3.79.207.133] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.dcs.co.id"] [uri "/.env"] [unique_id "Z0ugr1FYexX5m73gytntmAAAAFQ"] show less
Brute-Force
Bad Web Bot
Web App Attack