π³π±
Linuxmalwarehuntingnl
2024-07-03 07:00:54
(2 years ago)
Unauthorized connection attempt
Brute-Force
πΊπΈ
TPI-Abuse
2024-06-14 13:29:30
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 38.242.241.179 (vmi1238512.contaboserver.net): ...
show more
(mod_security) mod_security (id:210492) triggered by 38.242.241.179 (vmi1238512.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 14 09:29:24.722720 2024] [security2:error] [pid 17045] [client 38.242.241.179:39958] [client 38.242.241.179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "inetbrain.com"] [uri "/staging/.env"] [unique_id "ZmxFtLsvOe_lXBhi57SGBAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2024-06-13 22:24:15
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 38.242.241.179 (vmi1238512.contaboserver.net): ...
show more
(mod_security) mod_security (id:210492) triggered by 38.242.241.179 (vmi1238512.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 13 18:24:08.168205 2024] [security2:error] [pid 15325] [client 38.242.241.179:52860] [client 38.242.241.179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "graythebruce.com"] [uri "/public/.env"] [unique_id "ZmtxiAf18SU9rq88JFYV0wAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2024-06-13 18:40:14
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 38.242.241.179 (vmi1238512.contaboserver.net): ...
show more
(mod_security) mod_security (id:210492) triggered by 38.242.241.179 (vmi1238512.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 13 14:40:09.029022 2024] [security2:error] [pid 30489:tid 47419285460736] [client 38.242.241.179:49294] [client 38.242.241.179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elevapro.com"] [uri "/public/.env"] [unique_id "Zms9CaE0FDtHc3uxrdxbSAAAAIg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2024-06-13 16:29:51
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 38.242.241.179 (vmi1238512.contaboserver.net): ...
show more
(mod_security) mod_security (id:210492) triggered by 38.242.241.179 (vmi1238512.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 13 12:29:47.568888 2024] [security2:error] [pid 6912] [client 38.242.241.179:47690] [client 38.242.241.179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "davisound.com"] [uri "/public/.env"] [unique_id "Zmseey1IBqBXbf8ds5NZugAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2024-06-13 15:41:24
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 38.242.241.179 (vmi1238512.contaboserver.net): ...
show more
(mod_security) mod_security (id:210492) triggered by 38.242.241.179 (vmi1238512.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 13 11:41:19.174033 2024] [security2:error] [pid 5456] [client 38.242.241.179:53850] [client 38.242.241.179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cristalsupermercados.com"] [uri "/public/.env"] [unique_id "ZmsTH-KhnI_3o3ms3dObqQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¬π·
JCB
2024-06-13 15:12:00
(2 years ago)
38.242.241.179 - - [12/Jun/2024:19:04:30 +0300] "GET /.env HTTP/1.1" 404 196 "-" "python-requests/2. ...
show more
38.242.241.179 - - [12/Jun/2024:19:04:30 +0300] "GET /.env HTTP/1.1" 404 196 "-" "python-requests/2.25.1"
38.242.241.179 - - [12/Jun/2024:19:04:41 +0300] "GET /public/.env HTTP/1.1" 404 196 "-" "python-requests/2.25.1"
38.242.241.179 - - [12/Jun/2024:19:04:51 +0300] "GET /staging/.env HTTP/1.1" 404 196 "-" "python-requests/2.25.1"
...
show less
Hacking
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2024-06-12 20:03:50
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 38.242.241.179 (vmi1238512.contaboserver.net): ...
show more
(mod_security) mod_security (id:210492) triggered by 38.242.241.179 (vmi1238512.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 12 16:03:42.444347 2024] [security2:error] [pid 13889] [client 38.242.241.179:38498] [client 38.242.241.179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "akmanoto.com"] [uri "/public/.env"] [unique_id "Zmn_Htm-CpTtfzm2esVDQAAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
Ba-Yu
2024-06-12 16:29:54
(2 years ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
π²πΎ
Rizzy
2024-06-12 03:19:34
(2 years ago)
Multiple WAF Violations
Brute-Force
Web App Attack
πͺπΈ
10dencehispahard SL
2024-06-12 03:03:38
(2 years ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
πΊπΈ
TPI-Abuse
2024-06-12 00:35:12
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 38.242.241.179 (vmi1238512.contaboserver.net): ...
show more
(mod_security) mod_security (id:210492) triggered by 38.242.241.179 (vmi1238512.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 11 20:35:05.665264 2024] [security2:error] [pid 1207636:tid 46952867723008] [client 38.242.241.179:51884] [client 38.242.241.179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aeaus.com.aafm.us"] [uri "/public/.env"] [unique_id "ZmjtOcPUnCY3ih25AsRWhgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2024-06-11 23:21:35
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 38.242.241.179 (vmi1238512.contaboserver.net): ...
show more
(mod_security) mod_security (id:210492) triggered by 38.242.241.179 (vmi1238512.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 11 19:21:29.009976 2024] [security2:error] [pid 3895] [client 38.242.241.179:49284] [client 38.242.241.179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "angove.biz"] [uri "/admin/.env"] [unique_id "Zmjb-Ts7wjBkeqgqEXpYzAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-02-11 05:16:43
(2 years ago)
CMS/WebApp Exploit attempt
Web App Attack
π²πΎ
Rizzy
2024-02-10 23:44:34
(2 years ago)
Multiple WAF Violations
Brute-Force
Web App Attack