TPI-Abuse
2024-08-21 22:19:16
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 91.92.240.88 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 91.92.240.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 21 18:19:11.415835 2024] [security2:error] [pid 23109:tid 23109] [client 91.92.240.88:53838] [client 91.92.240.88] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.199"] [uri "/.env"] [unique_id "ZsZn3yvIYWvCrpelZqjc-QAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-21 21:58:14
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 91.92.240.88 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 91.92.240.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 21 17:58:10.797998 2024] [security2:error] [pid 5730:tid 5730] [client 91.92.240.88:54901] [client 91.92.240.88] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.214"] [uri "/.env"] [unique_id "ZsZi8pHmwoivg386Y95qeQAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-21 21:20:33
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 91.92.240.88 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 91.92.240.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 21 17:20:28.095834 2024] [security2:error] [pid 27469:tid 27556] [client 91.92.240.88:53635] [client 91.92.240.88] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.123"] [uri "/.env"] [unique_id "ZsZaHIY2YjdYKe6KXLiefgAAAcU"] show less
Brute-Force
Bad Web Bot
Web App Attack
afleventoffice.com.au
2024-08-21 11:09:23
(2 weeks ago)
Web App Attack
Anonymous
2024-07-11 10:21:10
(1 month ago)
[10/Jul/2024:08:52:05 -0400] \"GET /.env HTTP/1.1\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/53 ... show more [10/Jul/2024:08:52:05 -0400] \"GET /.env HTTP/1.1\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36\"
[10/Jul/2024:08:52:06 -0400] \"POST / HTTP/1.1\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36\"
[10/Jul/2024:08:52:08 -0400] \"GET /.env HTTP/1.1\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36\"
[10/Jul/2024:08:52:10 -0400] \"POST / HTTP/1.1\" \"Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36\" show less
Hacking
Coco Bongo
2024-07-11 00:25:14
(1 month ago)
91.92.240.88 [redacted] - [11/Jul/2024:02:25:13 +0200] "GET /.env HTTP/1.1" 404 188 "-" "Mozilla/5.0 ... show more 91.92.240.88 [redacted] - [11/Jul/2024:02:25:13 +0200] "GET /.env HTTP/1.1" 404 188 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
... show less
Bad Web Bot
Web App Attack
sid3windr
2024-07-10 23:56:24
(1 month ago)
GET /.env (Tarpitted for 5h6m53s, wasted 1.05MB)
Web App Attack
Bedios GmbH
2024-07-10 22:34:39
(2 months ago)
Login credentials theft attempt
Hacking
10dencehispahard SL
2024-07-10 22:03:08
(2 months ago)
Suspicious activity detected by Modsecurity [Suspicious IP found on 8 endpoints 16 hits. Reincident ... show more Suspicious activity detected by Modsecurity [Suspicious IP found on 8 endpoints 16 hits. Reincident by 0. Rules:] show less
Web App Attack
sid3windr
2024-07-10 17:59:24
(2 months ago)
GET /.env (Tarpitted for 1h38m24s, wasted 346.05kB)
Web App Attack
sid3windr
2024-07-10 16:21:23
(2 months ago)
GET /.env (Tarpitted for 1d10h10m46s, wasted 7.04MB)
Web App Attack
Anonymous
2024-07-10 05:10:05
(2 months ago)
2024/07/10 07:10:03 [error] 5690#5690: *608698 access forbidden by rule, client: 91.92.240.88, serve ... show more 2024/07/10 07:10:03 [error] 5690#5690: *608698 access forbidden by rule, client: 91.92.240.88, server: _, request: "GET /.env HTTP/1.1", host: "212.83.182.103" show less
Brute-Force
Web App Attack
webbfabriken
2024-07-10 04:48:08
(2 months ago)
spam or other hacking activities reported by webbfabriken security servers
Attack reported by ... show more spam or other hacking activities reported by webbfabriken security servers
Attack reported by Webbfabiken Security API - WFSecAPI show less
Web Spam
Anonymous
2024-07-09 23:25:12
(2 months ago)
DNS Compromise
DDoS Attack
PulseServers
2024-07-09 20:13:21
(2 months ago)
Probing a honeypot for vulnerabilities. Ignored robots.txt - US10 Honeypot
...
Hacking
Web App Attack