Savvii
2024-11-10 09:28:35
(2 months ago)
20 attempts against mh-misbehave-ban on cedar
Brute-Force
Bad Web Bot
Web App Attack
Roderic
2024-11-10 08:39:36
(2 months ago)
(mod_security) mod_security triggered on hostname [redacted] 91.236.254.83 (FR/France/srv392.firsthe ... show more (mod_security) mod_security triggered on hostname [redacted] 91.236.254.83 (FR/France/srv392.firstheberg.net) show less
SQL Injection
Staging
2024-11-10 08:22:00
(2 months ago)
crapola
Hacking
Savvii
2024-11-10 06:41:19
(2 months ago)
21 attempts against mh-misbehave-ban on cedar
Brute-Force
Bad Web Bot
Web App Attack
Incidents Response Neptus Team
2024-11-10 06:27:00
(2 months ago)
Report Abuse IP
Hacking
Exploited Host
Web App Attack
Anonymous
2024-11-10 05:42:47
(2 months ago)
Aggressive web scan
Web App Attack
TPI-Abuse
2024-11-10 03:04:52
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 91.236.254.83 (srv392.firstheberg.net): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 91.236.254.83 (srv392.firstheberg.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 22:04:46.763840 2024] [security2:error] [pid 25187:tid 25187] [client 91.236.254.83:58631] [client 91.236.254.83] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "renju.net"] [uri "/.env"] [unique_id "ZzAizsZaLaQtHlw-BXrvoAAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-10 02:47:36
(2 months ago)
$f2bV_matches
Brute-Force
Web App Attack
Savvii
2024-11-10 02:28:43
(2 months ago)
20 attempts against mh_ha-misbehave-ban on drop
Brute-Force
Bad Web Bot
Web App Attack
subnetprotocol
2024-11-10 01:43:33
(2 months ago)
10/Nov/2024:02:43:30.301450 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client ... show more 10/Nov/2024:02:43:30.301450 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 91.236.254.83] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.env found within REQUEST_FILENAME: /.env"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.7"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "mignonne.com"] [uri "/.env"] [unique_id "ZzAPwkSClmVJudZpOdt8oQAAAc0"]
10/Nov/2024:02:43:31.093241 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 91.236.254.83] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-930-APPLICATION-ATTAC
... show less
Hacking
Web App Attack
valeon
2024-11-10 01:37:57
(2 months ago)
Bad Web Bot
Web App Attack
Incidents Response Neptus Team
2024-11-10 01:26:00
(2 months ago)
Report Abuse IP
Hacking
Exploited Host
Web App Attack
TPI-Abuse
2024-11-10 00:42:14
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 91.236.254.83 (srv392.firstheberg.net): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 91.236.254.83 (srv392.firstheberg.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 19:42:09.452211 2024] [security2:error] [pid 3882:tid 3882] [client 91.236.254.83:2966] [client 91.236.254.83] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "comments.barkdull.org"] [uri "/.env"] [unique_id "ZzABYUuCICYW_L8-KmapWwAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-09 23:30:40
(2 months ago)
Multiple unauthorized attempt to access to non-existent path
Web App Attack
Incidents Response Neptus Team
2024-11-09 23:05:00
(2 months ago)
Report Abuse IP
DDoS Attack
Hacking
SQL Injection
Bad Web Bot
Exploited Host
Web App Attack