๐ซ๐ฎ
tjs
2024-09-01 21:05:00
(1 year ago)
web attack
Hacking
Web App Attack
๐ช๐ธ
el-brujo
2024-08-31 12:47:24
(1 year ago)
31/Aug/2024:14:47:23.436940 +0200Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client ...
show more
31/Aug/2024:14:47:23.436940 +0200Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 92.246.139.77] ModSecurity: Warning. Match of "rx ^0?$" against "REQUEST_HEADERS:Content-Length" required. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "178"] [id "920170"] [msg "GET or HEAD Request with Body Content"] [data "340"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [hostname "elhacker.info"] [uri "/manuales/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php"] [unique_id "ZtMQ23qE2nPAL3K5zwCYFAAAcR8"]
...
show less
Hacking
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2024-08-31 11:53:43
(1 year ago)
92.246.139.77 - - [31/Aug/2024:14:53:42 +0300] "GET /administrator/index.php HTTP/1.1" 404 274 "-" " ...
show more
92.246.139.77 - - [31/Aug/2024:14:53:42 +0300] "GET /administrator/index.php HTTP/1.1" 404 274 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.110 Safari/537.36"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-08-31 11:00:17
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 92.246.139.77 (unbiased-stamp_n1.aeza.network): ...
show more
(mod_security) mod_security (id:225170) triggered by 92.246.139.77 (unbiased-stamp_n1.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 31 07:00:12.167348 2024] [security2:error] [pid 3993997:tid 3993997] [client 92.246.139.77:50378] [client 92.246.139.77] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||meganmurph.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "meganmurph.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZtL3vDaaww1giWtVwrRPgQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ฌ
Cloudkul Cloudkul
2024-08-31 09:24:11
(1 year ago)
Multiple unauthorized attempts to access web resources
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-08-31 08:58:35
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 92.246.139.77 (detailed-wind_n9.aeza.network): ...
show more
(mod_security) mod_security (id:210492) triggered by 92.246.139.77 (detailed-wind_n9.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 31 04:58:27.226463 2024] [security2:error] [pid 16197:tid 16197] [client 92.246.139.77:57786] [client 92.246.139.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.dudehotsauces.com"] [uri "/.env"] [unique_id "ZtLbM-17TxAy_TraDCr6MQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-08-31 07:57:35
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 92.246.139.77 (detailed-wind_n9.aeza.network): ...
show more
(mod_security) mod_security (id:210492) triggered by 92.246.139.77 (detailed-wind_n9.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 31 03:57:28.087055 2024] [security2:error] [pid 12121:tid 12121] [client 92.246.139.77:53628] [client 92.246.139.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.doctoredwinalvarez.com"] [uri "/.env"] [unique_id "ZtLM6EpHbbudprFT7oRqPQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
CrystalMaker
2024-08-31 07:26:57
(1 year ago)
PHP vulnerability scan - GET /singlecrystal/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php; POST ...
show more
PHP vulnerability scan - GET /singlecrystal/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php; POST /singlecrystal/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php; GET /singlecrystal/vendor/phpunit/phpunit/src/Util/PHP/evil.php; GET /singlecrystal/app/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php; POST /singlecrystal/app/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php; GET /singlecrystal/app/vendor/phpunit/phpunit/src/Util/PHP/evil.php; GET /singlecrystal/.env
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-08-31 06:56:55
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 92.246.139.77 (unbiased-stamp_n1.aeza.network): ...
show more
(mod_security) mod_security (id:225170) triggered by 92.246.139.77 (unbiased-stamp_n1.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 31 02:56:50.998472 2024] [security2:error] [pid 19008:tid 19008] [client 92.246.139.77:55716] [client 92.246.139.77] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.drgracetomastolentino.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.drgracetomastolentino.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZtK-suh_cOEtB-_GJ7XO0AAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2024-08-31 06:28:47
(1 year ago)
1.236 requests to */xmlrpc.php
Brute-Force
Bad Web Bot
๐ธ๐ฌ
pusathosting.com
2024-08-31 06:20:08
(1 year ago)
2ds22 bruteforce
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-08-31 04:19:16
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 92.246.139.77 (detailed-wind_n9.aeza.network): ...
show more
(mod_security) mod_security (id:210492) triggered by 92.246.139.77 (detailed-wind_n9.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 31 00:19:12.085439 2024] [security2:error] [pid 25273:tid 25273] [client 92.246.139.77:33054] [client 92.246.139.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "davidnevue.com"] [uri "/.env"] [unique_id "ZtKZwFKOWfXnAaMryDrYAQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
el-brujo
2024-08-31 04:01:09
(1 year ago)
31/Aug/2024:06:01:09.185675 +0200Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client ...
show more
31/Aug/2024:06:01:09.185675 +0200Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 92.246.139.77] ModSecurity: Warning. Match of "rx ^0?$" against "REQUEST_HEADERS:Content-Length" required. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "178"] [id "920170"] [msg "GET or HEAD Request with Body Content"] [data "743"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [hostname "elhacker.info"] [uri "/Cursos/node/1"] [unique_id "ZtKVheYcasLvPdzDuxGRJgABVT0"]
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-08-31 03:50:19
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 92.246.139.77 (detailed-wind_n9.aeza.network): ...
show more
(mod_security) mod_security (id:225170) triggered by 92.246.139.77 (detailed-wind_n9.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 30 23:50:14.227080 2024] [security2:error] [pid 1034:tid 1034] [client 92.246.139.77:56516] [client 92.246.139.77] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.ideaofauniversity.website|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.ideaofauniversity.website"] [uri "/uncategorized/wp-json/wp/v2/users/1"] [unique_id "ZtKS9vomvhRyNs59odk1gQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2024-08-31 03:36:22
(1 year ago)
92.246.139.77 - - [31/Aug/2024:06:36:22 +0300] "GET /.env HTTP/1.1" 404 2856 "-" "Mozilla/5.0 (X11; ...
show more
92.246.139.77 - - [31/Aug/2024:06:36:22 +0300] "GET /.env HTTP/1.1" 404 2856 "-" "Mozilla/5.0 (X11; Ubuntu; 1955 ;Linux i686; rv:28.0) Gecko/20100101 Firefox/28.0"
...
show less
Web App Attack