|
๐ณ๐ฑ
homeshowdomain.nl
|
|
Auto-ban: >3000 req/min op 2025-10-05
|
Hacking
Web App Attack
SSH
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 54.167.4.231 (ec2-54-167-4-231.compute-1.amazon ...
show more
(mod_security) mod_security (id:210492) triggered by 54.167.4.231 (ec2-54-167-4-231.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 04 20:05:42.234847 2025] [security2:error] [pid 20018:tid 20018] [client 54.167.4.231:52942] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oligofoundry.com"] [uri "/.env"] [unique_id "aOG2Vu_Yytt8Tsmc30qLAQAAAAM"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
Restricted File Access Requests
|
Hacking
Brute-Force
|
|
|
Anonymous
|
|
Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1, GET /phpinfo HTTP/1.1
|
Hacking
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 54.167.4.231 (ec2-54-167-4-231.compute-1.amazon ...
show more
(mod_security) mod_security (id:210492) triggered by 54.167.4.231 (ec2-54-167-4-231.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 04 17:59:01.783280 2025] [security2:error] [pid 1611:tid 1611] [client 54.167.4.231:58870] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "network22.net"] [uri "/.env"] [unique_id "aOGYpUzIMJI7-7OcRtC7ogAAAAc"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
Multiple web server 400 error codes from same source ip
|
Web App Attack
|
|
|
๐จ๐ญ
YF
|
|
Attempted access to sensitive files
|
Web App Attack
|
|
|
๐ฉ๐ช
on-com
|
|
URL scan
|
Brute-Force
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 54.167.4.231 (ec2-54-167-4-231.compute-1.amazon ...
show more
(mod_security) mod_security (id:210492) triggered by 54.167.4.231 (ec2-54-167-4-231.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 04 15:38:54.016010 2025] [security2:error] [pid 29489:tid 29489] [client 54.167.4.231:58188] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mrbaystreet.com"] [uri "/.env"] [unique_id "aOF3znURaarI61XKDY1sngAAAAg"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 54.167.4.231 (ec2-54-167-4-231.compute-1.amazon ...
show more
(mod_security) mod_security (id:210492) triggered by 54.167.4.231 (ec2-54-167-4-231.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 04 15:02:26.647177 2025] [security2:error] [pid 10908:tid 10908] [client 54.167.4.231:50090] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "monkeyonabike.com"] [uri "/.git/config"] [unique_id "aOFvQntfJJt9FEd1ABgVGwAAAAY"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
kjaerulff
|
|
Probed for .env vounabilities - 2 times
|
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 54.167.4.231 (ec2-54-167-4-231.compute-1.amazon ...
show more
(mod_security) mod_security (id:210492) triggered by 54.167.4.231 (ec2-54-167-4-231.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 04 14:12:58.704606 2025] [security2:error] [pid 8027:tid 8027] [client 54.167.4.231:47692] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mikeneame.com"] [uri "/.env"] [unique_id "aOFjqqf2SCMxv_1guoj3dgAAAAo"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
Aggressive Robot or Attack DDOS
|
DDoS Attack
|
|
|
๐ฑ๐น
Evag Touf
|
|
(mod_security) mod_security triggered on hostname [redacted] 54.167.4.231 (US/United States/-)
|
SQL Injection
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 54.167.4.231 (ec2-54-167-4-231.compute-1.amazon ...
show more
(mod_security) mod_security (id:210492) triggered by 54.167.4.231 (ec2-54-167-4-231.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 04 13:41:07.133966 2025] [security2:error] [pid 29569:tid 29569] [client 54.167.4.231:56862] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "memrfixitok.com"] [uri "/portal/.env"] [unique_id "aOFcM0MF5Riqsl2R2GHC9gAAAA0"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|