Anonymous
2024-12-03 04:21:03
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
MSZ
2024-12-03 04:16:19
(1 month ago)
Blocked by Fail2Ban (plesk-modsecurity)
Hacking
Brute-Force
Web App Attack
Anonymous
2024-12-03 04:13:09
(1 month ago)
[03/Dec/2024:15:13:08 +1100] "GET /core/.env HTTP/1.1" 404 196
Hacking
Web App Attack
breubit
2024-12-03 03:50:59
(1 month ago)
35.181.51.157 - - [03/Dec/2024:04:50:59 +0100] "GET /core/.env HTTP/1.1" 404 3032 "-" "Mozilla/5.0 ( ... show more 35.181.51.157 - - [03/Dec/2024:04:50:59 +0100] "GET /core/.env HTTP/1.1" 404 3032 "-" "Mozilla/5.0 (X11; Linux x86_64)"
... show less
Web App Attack
TPI-Abuse
2024-12-03 03:18:44
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.181.51.157 (ec2-35-181-51-157.eu-west-3.comp ... show more (mod_security) mod_security (id:210492) triggered by 35.181.51.157 (ec2-35-181-51-157.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 22:18:40.786057 2024] [security2:error] [pid 6029:tid 6029] [client 35.181.51.157:47376] [client 35.181.51.157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.arthuryeung.net"] [uri "/core/.env"] [unique_id "Z054kEcj45Fwg6Xh_VkkbgAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-03 01:55:13
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.181.51.157 (ec2-35-181-51-157.eu-west-3.comp ... show more (mod_security) mod_security (id:210492) triggered by 35.181.51.157 (ec2-35-181-51-157.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 20:55:09.362524 2024] [security2:error] [pid 12719:tid 12719] [client 35.181.51.157:53926] [client 35.181.51.157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kittendream.mykelmilur.com"] [uri "/.git/"] [unique_id "Z05k_aO4dYbjSE9pI-wxjAAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
piticu iuli
2024-12-03 01:52:36
(1 month ago)
(mod_security) mod_security triggered on hostname [redacted] 35.181.51.157 (FR/France/ec2-35-181-51- ... show more (mod_security) mod_security triggered on hostname [redacted] 35.181.51.157 (FR/France/ec2-35-181-51-157.eu-west-3.compute.amazonaws.com) show less
SQL Injection
lp
2024-12-03 01:22:31
(1 month ago)
Bot webscan: 1 attempts were recorded from 35.181.51.157
35.181.51.157 "GET /.git/ HTTP/1.1" 4 ... show more Bot webscan: 1 attempts were recorded from 35.181.51.157
35.181.51.157 "GET /.git/ HTTP/1.1" 404 3559 "-" "Mozilla/5.0 (X11; Linux x86_64)" show less
Port Scan
TPI-Abuse
2024-12-03 00:12:50
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.181.51.157 (ec2-35-181-51-157.eu-west-3.comp ... show more (mod_security) mod_security (id:210492) triggered by 35.181.51.157 (ec2-35-181-51-157.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 19:12:47.134562 2024] [security2:error] [pid 15696:tid 15696] [client 35.181.51.157:37330] [client 35.181.51.157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.3905ccn.us"] [uri "/.git/"] [unique_id "Z05M_52znsQpjJ0OrTnZ-wAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
mnsf
2024-12-03 00:10:21
(1 month ago)
Too many Status 40X (13)
Brute-Force
Web App Attack
jcbriar
2024-12-02 23:48:00
(1 month ago)
Searching for vulnerable scripts
Hacking
Web App Attack
TPI-Abuse
2024-12-02 23:47:05
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.181.51.157 (ec2-35-181-51-157.eu-west-3.comp ... show more (mod_security) mod_security (id:210492) triggered by 35.181.51.157 (ec2-35-181-51-157.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 18:46:59.947109 2024] [security2:error] [pid 28997:tid 28997] [client 35.181.51.157:38284] [client 35.181.51.157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.swaincustomdesigns.com"] [uri "/.git/"] [unique_id "Z05G83ED5G0Rw4ZLIvo6mwAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-12-02 23:43:25
(1 month ago)
Restricted File Access Requests
Hacking
Brute-Force
w-e-c-l-o-u-d-i-t
2024-12-02 23:34:56
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.181.51.157 (FR/France/ec2-35-181-51-157.eu-w ... show more (mod_security) mod_security (id:210492) triggered by 35.181.51.157 (FR/France/ec2-35-181-51-157.eu-west-3.compute.amazonaws.com): 1 in the last 600 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC show less
Brute-Force
SSH
TPI-Abuse
2024-12-02 23:28:09
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.181.51.157 (ec2-35-181-51-157.eu-west-3.comp ... show more (mod_security) mod_security (id:210492) triggered by 35.181.51.157 (ec2-35-181-51-157.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 18:28:03.014064 2024] [security2:error] [pid 19675:tid 19675] [client 35.181.51.157:59674] [client 35.181.51.157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.matterofbritain.com"] [uri "/.git/"] [unique_id "Z05Cgw9GjpKAd2HL6VyxUgAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack