๐ธ๐ฎ
borisperc
2025-08-03 10:46:17
(10 months ago)
Web Spam
Port Scan
Hacking
SQL Injection
Brute-Force
Bad Web Bot
Exploited Host
Web App Attack
๐ง๐ท
Sipo Chutรฃo
2025-07-09 03:00:01
(11 months ago)
/www/.env
45.149.205.11,15,2025-07-09T00:00:01-03:00,/locales/locale.json?locale=../../config/&names ...
show more
/www/.env
45.149.205.11,15,2025-07-09T00:00:01-03:00,/locales/locale.json?locale=../../config/&namespace=database
show less
Hacking
๐บ๐ธ
TPI-Abuse
2025-07-07 03:46:41
(11 months ago)
(mod_security) mod_security (id:210492) triggered by 45.138.16.203 (mail.sumithillsales.com): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 45.138.16.203 (mail.sumithillsales.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 06 23:46:37.260358 2025] [security2:error] [pid 27998:tid 27998] [client 45.138.16.203:52201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "byles.net"] [uri "/.env"] [unique_id "aGtDHSWy1x6HIpQoHz9DmwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-07 02:24:31
(11 months ago)
(mod_security) mod_security (id:210492) triggered by 45.138.16.203 (mail.sumithillsales.com): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 45.138.16.203 (mail.sumithillsales.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 06 22:24:26.992392 2025] [security2:error] [pid 16828:tid 16828] [client 45.138.16.203:52366] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "philipma.com"] [uri "/.env"] [unique_id "aGsv2nAksssL0XSGTMn3awAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-07 00:36:06
(11 months ago)
(mod_security) mod_security (id:210492) triggered by 45.138.16.203 (mail.sumithillsales.com): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 45.138.16.203 (mail.sumithillsales.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 06 20:36:00.334573 2025] [security2:error] [pid 21462:tid 21462] [client 45.138.16.203:64614] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "karyaenigma.com"] [uri "/.env"] [unique_id "aGsWcOlP5tLKwXdIkA1ENQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mawan
2025-07-06 23:26:50
(11 months ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-05 14:49:29
(11 months ago)
(mod_security) mod_security (id:210492) triggered by 45.138.16.203 (mail.sumithillsales.com): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 45.138.16.203 (mail.sumithillsales.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 05 10:49:25.582347 2025] [security2:error] [pid 9212:tid 9212] [client 45.138.16.203:63927] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bookingsouthafrica.com"] [uri "/.env"] [unique_id "aGk7dVs1QHd2ZO3c-GXcagAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
voormedia
2025-07-05 01:21:22
(11 months ago)
Accessed trap at '/.env'
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-05 00:16:53
(11 months ago)
(mod_security) mod_security (id:210492) triggered by 45.138.16.203 (mail.sumithillsales.com): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 45.138.16.203 (mail.sumithillsales.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 04 20:16:50.612196 2025] [security2:error] [pid 28351:tid 28351] [client 45.138.16.203:52330] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fintastic.co.za"] [uri "/.env"] [unique_id "aGhu8je0oCxlFl2a35k2agAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2025-07-04 00:22:49
(11 months ago)
144 requests with url.path *.env
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-07-03 23:36:22
(11 months ago)
(mod_security) mod_security (id:210492) triggered by 45.138.16.203 (mail.sumithillsales.com): 1 in t ...
show more
(mod_security) mod_security (id:210492) triggered by 45.138.16.203 (mail.sumithillsales.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 03 19:36:18.118963 2025] [security2:error] [pid 3532:tid 3532] [client 45.138.16.203:59108] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lawandaudit.com"] [uri "/.env"] [unique_id "aGcT8s2N7jwA-00mH8HZmAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ช
webbfabriken
2024-08-01 05:00:17
(1 year ago)
spam or other hacking activities reported by webbfabriken security servers
Attack reported by Webbf ...
show more
spam or other hacking activities reported by webbfabriken security servers
Attack reported by Webbfabiken Security API - WFSecAPI
show less
Web Spam
Anonymous
2024-07-29 18:22:00
(1 year ago)
"Forceful Browsing"
Brute-Force
๐ฉ๐ช
niceshops.com
2024-07-22 03:37:44
(1 year ago)
Large amount of http-requests in short time ([22/Jul/2024:05:28:45.034] )
Bad Web Bot
๐ฆ๐บ
ozisp.com.au
2024-07-22 01:19:22
(1 year ago)
null_null_<33>1721611160 [1:2522081:5591] ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic ...
show more
null_null_<33>1721611160 [1:2522081:5591] ET TOR Known Tor Relay/Router (Not Exit) Node TCP Traffic group 82 [Classification: Misc Attack] [Priority: 2] {TCP} 45.138.16.203:17054
show less
Open Proxy