|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 54.177.137.32 (ec2-54-177-137-32.us-west-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 54.177.137.32 (ec2-54-177-137-32.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 04 08:36:45.768629 2025] [security2:error] [pid 29097:tid 29097] [client 54.177.137.32:46710] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "toyz.net"] [uri "/.env"] [unique_id "aLmH3cQh-uLxz8X7K_J2UAAAAAY"], referer: https://www.google.com/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฎ๐ช
RoboSOC
|
|
phpunit Remote Code Execution Vulnerability, PTR: ec2-54-177-137-32.us-west-1.compute.amazonaws.com.
|
Hacking
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 54.177.137.32 (ec2-54-177-137-32.us-west-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 54.177.137.32 (ec2-54-177-137-32.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 04 07:17:13.700645 2025] [security2:error] [pid 23497:tid 23497] [client 54.177.137.32:59504] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "totenclaus.es"] [uri "/.env"] [unique_id "aLl1Od9RWOomNvcEjn6RrgAAAA8"], referer: https://www.google.com/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 54.177.137.32 (ec2-54-177-137-32.us-west-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 54.177.137.32 (ec2-54-177-137-32.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 04 06:21:50.694278 2025] [security2:error] [pid 1519:tid 1519] [client 54.177.137.32:45710] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tracybur.net"] [uri "/.env"] [unique_id "aLloPms7owi0cBjzy8Y9CQAAABw"], referer: https://www.google.com/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
Ba-Yu
|
|
General hacking/exploits/scanning
|
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
|
|
|
๐ณ๐ฑ
debestelapp
|
|
|
Web App Attack
|
|
|
๐ณ๐ฑ
Roderic
|
|
(mod_security) mod_security triggered on hostname [redacted])
|
SQL Injection
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 54.177.137.32 (ec2-54-177-137-32.us-west-1.comp ...
show more
(mod_security) mod_security (id:210492) triggered by 54.177.137.32 (ec2-54-177-137-32.us-west-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 03 23:13:24.924623 2025] [security2:error] [pid 11321:tid 11321] [client 54.177.137.32:47962] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "redlitephotos.com"] [uri "/.env"] [unique_id "aLkD1K8d-YSMftLA3ndVzAAAAAI"], referer: https://www.google.com/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ง๐ช
cmbplf
|
|
1.469 requests with url.path *.env
|
Brute-Force
Bad Web Bot
|
|
|
๐ซ๐ท
dynamix
|
|
Multiple WAF Violations
|
Web App Attack
|
|
|
๐ฉ๐ช
FeG Deutschland
|
|
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 27
|
Exploited Host
Web App Attack
|
|
|
Anonymous
|
|
Multiple web server 400 error codes from same source ip
|
Web App Attack
|
|