TPI-Abuse
2024-12-01 05:19:45
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 52.58.187.158 (ec2-52-58-187-158.eu-central-1.c ... show more (mod_security) mod_security (id:210492) triggered by 52.58.187.158 (ec2-52-58-187-158.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 01 00:19:41.879561 2024] [security2:error] [pid 3587615:tid 3587615] [client 52.58.187.158:54818] [client 52.58.187.158] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.thejuliataylor.ingberinteriors.com"] [uri "/.env"] [unique_id "Z0vx7YzUD6m8SIZu8ik32AAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
BlueWire Hosting
2024-12-01 05:10:45
(1 week ago)
Scanning for Laravel vulnerabilities
Web App Attack
TPI-Abuse
2024-12-01 05:04:38
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 52.58.187.158 (ec2-52-58-187-158.eu-central-1.c ... show more (mod_security) mod_security (id:210492) triggered by 52.58.187.158 (ec2-52-58-187-158.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 01 00:04:29.548534 2024] [security2:error] [pid 25423:tid 25423] [client 52.58.187.158:53732] [client 52.58.187.158] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.staben.com"] [uri "/.env"] [unique_id "Z0vuXaH7JtQi3GOxcWKj4wAAABM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-01 04:42:02
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 52.58.187.158 (ec2-52-58-187-158.eu-central-1.c ... show more (mod_security) mod_security (id:210492) triggered by 52.58.187.158 (ec2-52-58-187-158.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 23:41:57.945274 2024] [security2:error] [pid 1428772:tid 1428772] [client 52.58.187.158:44010] [client 52.58.187.158] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "more-grace.com"] [uri "/.env"] [unique_id "Z0vpFWx-OpKFWWGxylQx_AAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Bedios GmbH
2024-12-01 04:36:18
(1 week ago)
Login credentials theft attempt
Hacking
TPI-Abuse
2024-12-01 03:56:45
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 52.58.187.158 (ec2-52-58-187-158.eu-central-1.c ... show more (mod_security) mod_security (id:210492) triggered by 52.58.187.158 (ec2-52-58-187-158.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 22:56:39.160731 2024] [security2:error] [pid 12927:tid 12927] [client 52.58.187.158:47066] [client 52.58.187.158] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.carmensaundersrussell.com"] [uri "/.env"] [unique_id "Z0vedwY6xg4cwU5WHQWRLQAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-12-01 02:33:58
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-12-01 02:07:15
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 52.58.187.158 (ec2-52-58-187-158.eu-central-1.c ... show more (mod_security) mod_security (id:210492) triggered by 52.58.187.158 (ec2-52-58-187-158.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 21:07:08.652507 2024] [security2:error] [pid 14342:tid 14342] [client 52.58.187.158:47562] [client 52.58.187.158] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.musicofyour.life"] [uri "/.env"] [unique_id "Z0vEzP8Tsv2Iri_gC3ihPgAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-01 01:05:17
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 52.58.187.158 (ec2-52-58-187-158.eu-central-1.c ... show more (mod_security) mod_security (id:210492) triggered by 52.58.187.158 (ec2-52-58-187-158.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 20:05:12.097904 2024] [security2:error] [pid 24558:tid 24558] [client 52.58.187.158:50922] [client 52.58.187.158] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "99newmexicans.com"] [uri "/.env"] [unique_id "Z0u2SOeBhFKwSBH_jZ0pnAAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-12-01 00:17:24
(1 week ago)
(mod_security) mod_security triggered on hostname [redacted] 52.58.187.158 (DE/Germany/ec2-52-58-187 ... show more (mod_security) mod_security triggered on hostname [redacted] 52.58.187.158 (DE/Germany/ec2-52-58-187-158.eu-central-1.compute.amazonaws.com) show less
SQL Injection
Progetto1
2024-12-01 00:09:01
(1 week ago)
Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
Anonymous
2024-12-01 00:08:52
(1 week ago)
fail2ban_mm apache-modsecurity [msg "Range: field exists and begins with 0."] [uri "/.env"]
Web App Attack
paissangroup
2024-12-01 00:04:30
(1 week ago)
Multiple WAF Violations
Web App Attack
TPI-Abuse
2024-11-30 23:54:15
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 52.58.187.158 (ec2-52-58-187-158.eu-central-1.c ... show more (mod_security) mod_security (id:210492) triggered by 52.58.187.158 (ec2-52-58-187-158.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 18:54:09.584058 2024] [security2:error] [pid 7906:tid 7927] [client 52.58.187.158:44710] [client 52.58.187.158] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gelatoconsapevole.it"] [uri "/.env"] [unique_id "Z0uloefnExcQu9-lrEfoJwAAAQw"] show less
Brute-Force
Bad Web Bot
Web App Attack
backslash
2022-10-19 04:50:06
(2 years ago)
block ruleset bad bot: ignores robots.txt 8010B44F7E78AD8B94C70711C72D11CDE0DAC0F4
Bad Web Bot