BlueWire Hosting
2024-12-01 05:10:21
(6 days ago)
Scanning for Laravel vulnerabilities
Web App Attack
TPI-Abuse
2024-12-01 05:04:35
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 54.211.214.14 (ec2-54-211-214-14.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 54.211.214.14 (ec2-54-211-214-14.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 01 00:04:29.439618 2024] [security2:error] [pid 1449648:tid 1449648] [client 54.211.214.14:56208] [client 54.211.214.14] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.cezaraudiovisual.com"] [uri "/.env"] [unique_id "Z0vuXXD9qlYcP1FPtKTYAQAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
conseilgouz
2024-12-01 04:36:47
(6 days ago)
doe-17 : Block hidden directories=>/.env(/)
Hacking
TPI-Abuse
2024-12-01 04:35:57
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 54.211.214.14 (ec2-54-211-214-14.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 54.211.214.14 (ec2-54-211-214-14.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 23:35:50.022785 2024] [security2:error] [pid 3038191:tid 3038191] [client 54.211.214.14:48468] [client 54.211.214.14] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aandsmetal.com"] [uri "/.env"] [unique_id "Z0vnprymjQfMD5vnjhLrEwAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
FeG Deutschland
2024-12-01 04:05:54
(6 days ago)
Looking for CMS/PHP/SQL vulnerablilities - 12345671011
Exploited Host
Web App Attack
TPI-Abuse
2024-12-01 03:59:16
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 54.211.214.14 (ec2-54-211-214-14.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 54.211.214.14 (ec2-54-211-214-14.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 22:59:10.194991 2024] [security2:error] [pid 4337:tid 4337] [client 54.211.214.14:42090] [client 54.211.214.14] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.agirlwithaguitar.com"] [uri "/.env"] [unique_id "Z0vfDlM2zI7aqs5pEFbr4AAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-12-01 03:17:55
(6 days ago)
(mod_security) mod_security triggered on hostname [redacted] 54.211.214.14 (US/United States/ec2-54- ... show more (mod_security) mod_security triggered on hostname [redacted] 54.211.214.14 (US/United States/ec2-54-211-214-14.compute-1.amazonaws.com) show less
SQL Injection
dwmp
2024-12-01 03:17:34
(6 days ago)
[01/Dec/2024:04:04:18.793117 +0100] Z0vSMk8CERPBU0UAXVStYwAAABg 54.211.214.14 52824 38.242.227.117 7 ... show more [01/Dec/2024:04:04:18.793117 +0100] Z0vSMk8CERPBU0UAXVStYwAAABg 54.211.214.14 52824 38.242.227.117 7081
[01/Dec/2024:04:09:27.681809 +0100] Z0vTZ08CERPBU0UAXVStawAAABY 54.211.214.14 52900 38.242.227.117 7081
[01/Dec/2024:04:17:32.918390 +0100] Z0vVTGOViV5H0w4YwFcyWgAAAMc 54.211.214.14 53008 38.242.227.117 7081
... show less
Brute-Force
SSH
TPI-Abuse
2024-12-01 02:19:11
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 54.211.214.14 (ec2-54-211-214-14.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 54.211.214.14 (ec2-54-211-214-14.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 21:19:04.639625 2024] [security2:error] [pid 11470:tid 11470] [client 54.211.214.14:34424] [client 54.211.214.14] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.somewierdness.com"] [uri "/.env"] [unique_id "Z0vHmCL3fHEn4wW-ve7GRQAAABM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-01 02:03:40
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 54.211.214.14 (ec2-54-211-214-14.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 54.211.214.14 (ec2-54-211-214-14.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 21:03:31.124823 2024] [security2:error] [pid 3860:tid 3860] [client 54.211.214.14:36134] [client 54.211.214.14] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.socialsimulations.com"] [uri "/.env"] [unique_id "Z0vD82eJspQ0Ul6va_CwTwAAABc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Rizzy
2024-11-30 23:11:15
(1 week ago)
Multiple WAF Violations
Brute-Force
Web App Attack
Anonymous
2024-03-12 03:46:56
(8 months ago)
Common attack or app scan event detected and blocked
Port Scan
Hacking
Web App Attack