Bedios GmbH
|
|
Login credentials theft attempt
|
Hacking
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 52.57.169.241 (ec2-52-57-169-241.eu-central-1.c ... show more(mod_security) mod_security (id:210492) triggered by 52.57.169.241 (ec2-52-57-169-241.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 01 00:10:18.710097 2024] [security2:error] [pid 8213:tid 8213] [client 52.57.169.241:40306] [client 52.57.169.241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.aroilcontrolsystem.com"] [uri "/.env"] [unique_id "Z0vvunHZHFzn-AkJ58EUSgAAAAs"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
dpinse
|
|
teler detected Directory Bruteforce against resource /.env from 52.57.169.241
|
Bad Web Bot
|
|
etu brutus
|
|
52.57.169.241 Blocked by [Attack Vector List]
...
|
Hacking
Brute-Force
Exploited Host
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 52.57.169.241 (ec2-52-57-169-241.eu-central-1.c ... show more(mod_security) mod_security (id:210492) triggered by 52.57.169.241 (ec2-52-57-169-241.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 23:35:13.094106 2024] [security2:error] [pid 18558:tid 18558] [client 52.57.169.241:60770] [client 52.57.169.241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.hvacmechanalysis.com"] [uri "/.env"] [unique_id "Z0vnge54xz9sJenQ51aKkQAAAAU"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
[email protected]
|
|
Attempts to find pages that do not exist on website.
|
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 52.57.169.241 (ec2-52-57-169-241.eu-central-1.c ... show more(mod_security) mod_security (id:210492) triggered by 52.57.169.241 (ec2-52-57-169-241.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 22:56:56.882383 2024] [security2:error] [pid 3244:tid 3259] [client 52.57.169.241:51690] [client 52.57.169.241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.alicefaye.com"] [uri "/.env"] [unique_id "Z0veiM2So6rcfr-XLMGkagAAAQw"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
MSZ
|
|
Blocked by Fail2Ban (plesk-modsecurity)
|
Hacking
Brute-Force
Web App Attack
|
|
marcel-knorr.de
|
|
[MK-Root1] Blocked by UFW
|
Port Scan
Brute-Force
|
|
ToDi
|
|
WebAttack or semilar from 52.57.169.241
|
Web App Attack
|
|
Mr-Money
|
|
52.57.169.241 - - [01/Dec/2024:00:37:22 +0100] "GET //.env HTTP/1.1" 404 3555 "https://rnext.de/.env ... show more52.57.169.241 - - [01/Dec/2024:00:37:22 +0100] "GET //.env HTTP/1.1" 404 3555 "https://rnext.de/.env" "Mozilla/5.0 (X11; Linux x86_64)"
... show less
|
Hacking
SQL Injection
Bad Web Bot
Exploited Host
Web App Attack
|
|
FeG Deutschland
|
|
Looking for CMS/PHP/SQL vulnerablilities - 12345671011
|
Exploited Host
Web App Attack
|
|
backslash
|
|
block ruleset bad bot: ignores robots.txt 8010B44F7E78AD8B94C70711C72D11CDE0DAC0F4
|
Bad Web Bot
|
|