MAGIC
|
|
VM5 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
penjaga BRIN
|
|
-111
|
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 11:59:41.856370 2024] [security2:error] [pid 1694:tid 1694] [client 64.52.80.84:56148] [client 64.52.80.84] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "km-link.gisur.com"] [uri "/.env"] [unique_id "ZypO_SVWI7NcBI5X_a5pbgAAAAg"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 11:10:47.784775 2024] [security2:error] [pid 9225:tid 9225] [client 64.52.80.84:51918] [client 64.52.80.84] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jwwsb.org"] [uri "/.env"] [unique_id "ZypDh0aVGeOiN9GJMMDsCgAAABA"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
mnsf
|
|
Too many Status 40X (12)
|
Brute-Force
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 10:55:11.541417 2024] [security2:error] [pid 28426:tid 28426] [client 64.52.80.84:39938] [client 64.52.80.84] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jonrcortright.com"] [uri "/.env"] [unique_id "Zyo_33ejQMAYdkQ8_Hv5dQAAAAI"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 10:19:41.752254 2024] [security2:error] [pid 14632:tid 14671] [client 64.52.80.84:42540] [client 64.52.80.84] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jab-us.com"] [uri "/.env"] [unique_id "Zyo3jdJQ66nzejrycNgj8QAAAAQ"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
BlueWire Hosting
|
|
Scanning for Laravel vulnerabilities
|
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 09:35:55.616542 2024] [security2:error] [pid 13754:tid 13754] [client 64.52.80.84:44200] [client 64.52.80.84] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iros-iraq.com"] [uri "/.env"] [unique_id "ZyotS9w-euGf0mcDREzlKwAAAAA"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Study Bitcoin 🤗
|
|
Port probe to tcp/443 (https)
[srv125]
|
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
|
|
Ba-Yu
|
|
General hacking/exploits/scanning
|
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
|
|
iNetWorker
|
|
trolling for resource vulnerabilities
|
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 08:39:51.390210 2024] [security2:error] [pid 13978:tid 14060] [client 64.52.80.84:48950] [client 64.52.80.84] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "impact.gryphix.com"] [uri "/.env"] [unique_id "ZyogJwOeK1YEZs9YAJouRQAAAJc"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Charles
|
|
64.52.80.84 - - [05/Nov/2024:21:24:10 +0800] "GET /.env HTTP/1.1" 404 5961 "-" "Mozilla/5.0 (X11; Li ... show more64.52.80.84 - - [05/Nov/2024:21:24:10 +0800] "GET /.env HTTP/1.1" 404 5961 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
... show less
|
Web Spam
Email Spam
Brute-Force
Bad Web Bot
Web App Attack
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 07:46:15.862887 2024] [security2:error] [pid 10400:tid 10400] [client 64.52.80.84:58736] [client 64.52.80.84] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iacarbonell.com"] [uri "/.env"] [unique_id "ZyoTl-lXE3fn0dxiDMafngAAAAE"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|