FEWA
|
|
Fail2Ban Ban Triggered
|
Hacking
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 91.223.227.62 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 91.223.227.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 30 23:34:49.604031 2024] [security2:error] [pid 27208:tid 27208] [client 91.223.227.62:65495] [client 91.223.227.62] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.15"] [uri "/.env"] [unique_id "ZyL62UrTuwNbve5igIOYqQAAAAc"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Starburst SysOp Team
|
|
(mod_security-custom) mod_security (id:210492) triggered by 91.223.227.62 (UA/Ukraine/-): 1 in the l ... show more(mod_security-custom) mod_security (id:210492) triggered by 91.223.227.62 (UA/Ukraine/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [Thu Oct 31 01:41:36.046210 2024] [:error] [pid 3439915:tid 3439943] [client 91.223.227.62:61345] [client 91.223.227.62] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "154.12.231.1"] [uri "/.env"] [unique_id "ZyLgUOJMVGKvDsx-quFB2QAAAME"] show less
|
Hacking
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 91.223.227.62 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 91.223.227.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 30 21:27:13.015792 2024] [security2:error] [pid 20514:tid 20514] [client 91.223.227.62:60825] [client 91.223.227.62] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.244"] [uri "/.env"] [unique_id "ZyLc8f2oUcg0wDJ-x5dvGwAAAAQ"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
exxos
|
|
web exploits attack
|
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 91.223.227.62 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 91.223.227.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 27 02:49:46.459725 2024] [security2:error] [pid 28660:tid 28660] [client 91.223.227.62:64806] [client 91.223.227.62] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.13"] [uri "/.env"] [unique_id "Zx3iioWmW5Rd3Ya5a8IX1gAAAAk"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 91.223.227.62 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 91.223.227.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 27 02:18:20.370404 2024] [security2:error] [pid 2475:tid 2475] [client 91.223.227.62:55733] [client 91.223.227.62] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.75"] [uri "/.env"] [unique_id "Zx3bLAzL6WPiOBAYqPpheQAAAAA"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 91.223.227.62 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 91.223.227.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 27 00:29:23.162540 2024] [security2:error] [pid 31704:tid 31704] [client 91.223.227.62:62518] [client 91.223.227.62] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.210"] [uri "/.env"] [unique_id "Zx3Bo6AopxErRcytS5JsQgAAAAE"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 91.223.227.62 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 91.223.227.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 27 00:02:46.260377 2024] [security2:error] [pid 1468:tid 1468] [client 91.223.227.62:55236] [client 91.223.227.62] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.166"] [uri "/.env"] [unique_id "Zx27Zhj6cuyBpTH3SA2e0gAAAAA"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 91.223.227.62 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 91.223.227.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 19:12:28.923933 2024] [security2:error] [pid 28749:tid 28749] [client 91.223.227.62:53002] [client 91.223.227.62] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cormanleigh.com"] [uri "/.env"] [unique_id "Zw2lXKCKKgH4iozHBxctfAAAAAo"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 91.223.227.62 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 91.223.227.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 18:31:56.901925 2024] [security2:error] [pid 12044:tid 12044] [client 91.223.227.62:64044] [client 91.223.227.62] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "comsew.com.au"] [uri "/.env"] [unique_id "Zw2b3G1-26ilGFjttJrk6QAAAAU"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
Malicious activity detected
|
Hacking
Web App Attack
|
|
cmbplf
|
|
161 requests to *.env
|
Brute-Force
Bad Web Bot
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 91.223.227.62 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 91.223.227.62 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 17:30:27.576768 2024] [security2:error] [pid 4728:tid 4728] [client 91.223.227.62:54476] [client 91.223.227.62] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clubfansite.com"] [uri "/.env"] [unique_id "Zw2Nc-RVlG4Xc4RRZ62wVwAAAAQ"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
nationaleventpros.com
|
|
vulnerability scan
|
Web App Attack
|
|