TPI-Abuse
2024-09-24 14:25:53
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 41.216.183.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 41.216.183.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 24 10:25:46.733402 2024] [security2:error] [pid 24084:tid 24088] [client 41.216.183.187:57651] [client 41.216.183.187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cheqs.org"] [uri "/.env"] [unique_id "ZvLL6heh1aQ5gXtCZzSk7gAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-24 13:02:47
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 41.216.183.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 41.216.183.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 24 09:02:43.873591 2024] [security2:error] [pid 25008:tid 25008] [client 41.216.183.187:62077] [client 41.216.183.187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fxztrader.com"] [uri "/.env"] [unique_id "ZvK4c9gLFng34ZkDmqi3nQAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-24 06:53:16
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 41.216.183.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 41.216.183.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 24 02:53:10.305381 2024] [security2:error] [pid 3521:tid 3521] [client 41.216.183.187:55874] [client 41.216.183.187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "itibitico.com"] [uri "/.env"] [unique_id "ZvJh1s004GK7zgQ6zCKgugAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-24 00:30:40
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 41.216.183.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 41.216.183.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 23 20:30:36.197913 2024] [security2:error] [pid 23372:tid 23372] [client 41.216.183.187:59110] [client 41.216.183.187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.designcutters.com"] [uri "/domains.htm/.env"] [unique_id "ZvIILGV-L-mA9rVoNqlJ8QAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
GoodOldTOS
2024-09-24 00:24:02
(1 week ago)
Bad keywords detected in request: /.env
Web App Attack
TPI-Abuse
2024-09-23 13:38:55
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 41.216.183.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 41.216.183.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 23 09:38:50.710603 2024] [security2:error] [pid 12158:tid 12158] [client 41.216.183.187:56988] [client 41.216.183.187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blushhairstyling.com"] [uri "/.env"] [unique_id "ZvFvapr---x6xWIIkWspYgAAACc"] show less
Brute-Force
Bad Web Bot
Web App Attack
mnsf
2024-09-23 02:08:11
(2 weeks ago)
Too many Status 40X (14)
Brute-Force
Web App Attack
TPI-Abuse
2024-09-22 21:12:17
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 41.216.183.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 41.216.183.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 22 17:12:11.244816 2024] [security2:error] [pid 8606:tid 8606] [client 41.216.183.187:64671] [client 41.216.183.187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "savvydigitalsystems.com"] [uri "/.env"] [unique_id "ZvCIKxONQZGrqxEroLbD-AAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-22 20:45:33
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 41.216.183.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 41.216.183.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 22 16:45:27.510462 2024] [security2:error] [pid 566582:tid 566582] [client 41.216.183.187:60276] [client 41.216.183.187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "st-kitts-and-nevis-yacht-registration.com"] [uri "/.env"] [unique_id "ZvCB5-NJyPJPFOb5EXV2XwAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-22 18:23:41
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 41.216.183.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 41.216.183.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 22 14:23:33.436362 2024] [security2:error] [pid 1596175:tid 1596333] [client 41.216.183.187:61821] [client 41.216.183.187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "allstarcleanpros.com"] [uri "/.env"] [unique_id "ZvBgpTizjk_v6Q_-WAzBMAAAAQI"] show less
Brute-Force
Bad Web Bot
Web App Attack
FEWA
2024-09-21 12:42:37
(2 weeks ago)
Fail2Ban Ban Triggered
Hacking
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-21 07:39:15
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 41.216.183.187 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 41.216.183.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 21 03:39:08.020203 2024] [security2:error] [pid 13566:tid 13566] [client 41.216.183.187:54578] [client 41.216.183.187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.103"] [uri "/.env"] [unique_id "Zu54HDkm4OBPQX0jZLn3AQAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
Mr-Money
2024-09-20 17:27:31
(2 weeks ago)
41.216.183.187 - - [20/Sep/2024:19:05:50 +0200] "GET /.env HTTP/1.1" 404 489 "-" "Mozilla 5/0" ... show more 41.216.183.187 - - [20/Sep/2024:19:05:50 +0200] "GET /.env HTTP/1.1" 404 489 "-" "Mozilla 5/0"
41.216.183.187 - - [20/Sep/2024:19:26:35 +0200] "GET /.env HTTP/1.1" 404 489 "-" "Mozilla 5/0"
41.216.183.187 - - [20/Sep/2024:19:27:30 +0200] "GET /.env HTTP/1.1" 404 489 "-" "Mozilla 5/0"
... show less
Hacking
SQL Injection
Bad Web Bot
Exploited Host
Web App Attack
Mr-Money
2024-09-20 16:14:13
(2 weeks ago)
41.216.183.187 - - [20/Sep/2024:18:14:12 +0200] "GET /.env HTTP/1.1" 404 492 "-" "Mozilla 5/0" ... show more 41.216.183.187 - - [20/Sep/2024:18:14:12 +0200] "GET /.env HTTP/1.1" 404 492 "-" "Mozilla 5/0"
... show less
Hacking
SQL Injection
Bad Web Bot
Exploited Host
Web App Attack
cmbplf
2024-09-19 23:35:28
(2 weeks ago)
115 requests to *.env
Brute-Force
Bad Web Bot