el-brujo
2024-09-12 15:31:20
(1 month ago)
Cloudflare WAF: Request Path: /phpinfo.php Request Query: Host: whk.elhacker.net userAgent: Mozilla ... show more Cloudflare WAF: Request Path: /phpinfo.php Request Query: Host: whk.elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 Action: block Source: firewallManaged ASN Description: GOOGLE-CLOUD-PLATFORM Country: IL Method: GET Timestamp: 2024-09-12T15:31:20Z ruleId: c2a2f414a67c409f90cccb6c5bba0215. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less
Hacking
SQL Injection
Web App Attack
polycoda
2024-09-12 11:07:41
(1 month ago)
⌨️ Probes for /.env everywhere
Hacking
Web App Attack
Anonymous
2024-09-12 03:06:19
(1 month ago)
(mod_security) mod_security triggered on hostname [redacted] 34.165.129.7 (IL/Israel/7.129.165.34.bc ... show more (mod_security) mod_security triggered on hostname [redacted] 34.165.129.7 (IL/Israel/7.129.165.34.bc.googleusercontent.com) show less
SQL Injection
Anonymous
2024-09-11 02:48:44
(1 month ago)
(mod_security) mod_security triggered on hostname [redacted] 34.165.129.7 (IL/Israel/7.129.165.34.bc ... show more (mod_security) mod_security triggered on hostname [redacted] 34.165.129.7 (IL/Israel/7.129.165.34.bc.googleusercontent.com) show less
SQL Injection
rh24
2024-09-10 19:10:46
(1 month ago)
(mod_security) mod_security triggered on hostname [redacted] 34.165.129.7 (IL/Israel/7.129.165.34.bc ... show more (mod_security) mod_security triggered on hostname [redacted] 34.165.129.7 (IL/Israel/7.129.165.34.bc.googleusercontent.com): (CF_ENABLE) show less
SQL Injection
TPI-Abuse
2024-09-10 18:34:28
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 34.165.129.7 (7.129.165.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.165.129.7 (7.129.165.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 10 14:34:23.807765 2024] [security2:error] [pid 19699:tid 19699] [client 34.165.129.7:49540] [client 34.165.129.7] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chrischamberlain.com"] [uri "/.git/config"] [unique_id "ZuCRL7D1lR9SS5KPu3fwPwAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-10 15:07:01
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 34.165.129.7 (7.129.165.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.165.129.7 (7.129.165.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 10 11:06:56.298190 2024] [security2:error] [pid 23624:tid 23624] [client 34.165.129.7:65357] [client 34.165.129.7] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "johnmueller.org"] [uri "/.git/config"] [unique_id "ZuBgkLc9NiZX7Ym6e8tEpwAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
✨
2024-09-10 13:12:02
(1 month ago)
Domain : subastame.net
Rule : env
2024-09-10 12:51:13 152.53.103.155 POST /sources/.env ... show more Domain : subastame.net
Rule : env
2024-09-10 12:51:13 152.53.103.155 POST /sources/.env - 80 - 141.101.68.218 HTTP/1.1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 - subastame.net 405 0 1 5851 491 25 - 34.165.129.7 show less
Hacking
SQL Injection
✨
2024-09-10 12:51:01
(1 month ago)
Domain : subastame.net
Rule : config
2024-09-10 12:50:42 152.53.103.155 GET /.git/config ... show more Domain : subastame.net
Rule : config
2024-09-10 12:50:42 152.53.103.155 GET /.git/config - 80 - 141.101.68.227 HTTP/1.1 python-requests/2.28.1 - subastame.net 404 8 0 5177 340 911 - 34.165.129.7 show less
Hacking
SQL Injection
Rizzy
2024-09-10 06:32:18
(1 month ago)
Multiple WAF Violations
Brute-Force
Web App Attack
TPI-Abuse
2024-09-10 00:14:09
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 34.165.129.7 (7.129.165.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.165.129.7 (7.129.165.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 09 20:14:04.927536 2024] [security2:error] [pid 26994:tid 26994] [client 34.165.129.7:56125] [client 34.165.129.7] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "konahawaii.com"] [uri "/.git/config"] [unique_id "Zt-PTC2gq_wbnCk55qV1oAAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-09 22:06:23
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 34.165.129.7 (7.129.165.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.165.129.7 (7.129.165.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 09 18:06:18.913481 2024] [security2:error] [pid 12664:tid 12664] [client 34.165.129.7:59720] [client 34.165.129.7] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mpservice.com.sv"] [uri "/.git/config"] [unique_id "Zt9xWvyZEzXNXbzPpQ18aAAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
✨
2024-09-09 09:32:01
(1 month ago)
Domain : todoparatuboda.net
Rule : config
2024-09-09 09:30:53 152.53.103.155 GET /.git/c ... show more Domain : todoparatuboda.net
Rule : config
2024-09-09 09:30:53 152.53.103.155 GET /.git/config - 80 - 172.69.222.24 HTTP/1.1 python-requests/2.28.1 - todoparatuboda.net 404 8 0 5182 349 25 - 34.165.129.7 show less
Hacking
SQL Injection
TPI-Abuse
2024-09-09 08:22:03
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 34.165.129.7 (7.129.165.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.165.129.7 (7.129.165.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 09 04:21:57.770565 2024] [security2:error] [pid 28420:tid 28420] [client 34.165.129.7:49943] [client 34.165.129.7] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mobi.fisseq.com"] [uri "/.git/config"] [unique_id "Zt6wJVDLF2t7tuVBKq_IKQAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-09 06:06:52
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 34.165.129.7 (7.129.165.34.bc.googleusercontent ... show more (mod_security) mod_security (id:210492) triggered by 34.165.129.7 (7.129.165.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 09 02:06:47.542312 2024] [security2:error] [pid 2747:tid 2747] [client 34.165.129.7:50408] [client 34.165.129.7] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "recorplast.com"] [uri "/.git/config"] [unique_id "Zt6Qd9zMw2aDLaEyfIglPwAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack