User Starburst SysOp Team joined AbuseIPDB in June 2020 and has reported 10,150 IP addresses.
Standing (weight) is good.
ACTIVE USER
WEBMASTER
SUPPORTER
IP | Date | Comment | Categories |
---|---|---|---|
141.98.11.114 |
(mod_security-custom) mod_security (id:210730) triggered by 141.98.11.114 (LT/Lithuania/srv-141-98-1 ... show more(mod_security-custom) mod_security (id:210730) triggered by 141.98.11.114 (LT/Lithuania/srv-141-98-11-114.serveroffer.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [Sat Sep 14 09:12:07.904338 2024] [:error] [pid 1294599:tid 1294651] [client 141.98.11.114:49566] [client 141.98.11.114] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/usr/local/apache/modsecurity-cwaf/rules/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||144.126.150.13|F|2"] [data ".vbs"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "144.126.150.13"] [uri "/0.vbs"] [unique_id "ZuVTZ9Lmfiv3UZUXok6P-wAAAM4"] show less
|
Brute-Force | |
94.141.120.37 |
(mod_security-custom) mod_security (id:210492) triggered by 94.141.120.37 (US/United States/-): 1 in ... show more(mod_security-custom) mod_security (id:210492) triggered by 94.141.120.37 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [Sat Sep 14 08:41:10.339736 2024] [:error] [pid 1537:tid 1586] [client 94.141.120.37:59252] [client 94.141.120.37] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "209.126.87.161"] [uri "/.env"] [unique_id "ZuVMJrBT-cFpDoFQWvTLYQAAANY"] show less
|
Hacking | |
4.178.136.98 |
(mod_security-custom) mod_security (id:210492) triggered by 4.178.136.98 (FR/France/-): 1 in the las ... show more(mod_security-custom) mod_security (id:210492) triggered by 4.178.136.98 (FR/France/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [Sat Sep 14 06:12:37.508857 2024] [:error] [pid 359539:tid 359689] [client 4.178.136.98:60300] [client 4.178.136.98] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "144.126.152.165"] [uri "/.env"] [unique_id "ZuUpVVNcoJF1LXoshd3FdQAAAEs"] show less
|
Brute-Force | |
84.247.146.45 |
[Sat Sep 14 03:51:20.803335 2024] [:error] [pid 3093959:tid 3094067] [client 84.247.146.45:56840] [c ... show more[Sat Sep 14 03:51:20.803335 2024] [:error] [pid 3093959:tid 3094067] [client 84.247.146.45:56840] [client 84.247.146.45] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/usr/local/apache/modsecurity-cwaf/rules/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||66.94.106.222:80|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "66.94.106.222"] [uri "/hello.world"] [unique_id "ZuUIOA1TvEltot7HbDPd0gAAAIs"] show less
|
Hacking Brute-Force Web App Attack | |
179.43.133.242 |
(mod_security-custom) mod_security (id:210492) triggered by 179.43.133.242 (CH/Switzerland/hostedby. ... show more(mod_security-custom) mod_security (id:210492) triggered by 179.43.133.242 (CH/Switzerland/hostedby.privatelayer.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [Sat Sep 14 03:44:08.909596 2024] [:error] [pid 2024956:tid 2025102] [client 179.43.133.242:44204] [client 179.43.133.242] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sin2-2.starburstserver.net"] [uri "/.git/config"] [unique_id "ZuUGiCXkcQTC2uFHsdJ7OQAAAE4"] show less
|
Hacking | |
97.64.20.231 |
[Sat Sep 14 02:56:43.652691 2024] [:error] [pid 209223:tid 209278] [client 97.64.20.231:50202] [clie ... show more[Sat Sep 14 02:56:43.652691 2024] [:error] [pid 209223:tid 209278] [client 97.64.20.231:50202] [client 97.64.20.231] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/usr/local/apache/modsecurity-cwaf/rules/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||46.250.241.19:80|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "46.250.241.19"] [uri "/hello.world"] [unique_id "ZuT7awR-m1ruQm_mE9fCygAAANM"] show less
|
Hacking Brute-Force Web App Attack | |
98.159.33.41 |
(mod_security-custom) mod_security (id:210492) triggered by 98.159.33.41 (US/United States/-): 1 in ... show more(mod_security-custom) mod_security (id:210492) triggered by 98.159.33.41 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [Sat Sep 14 01:37:50.016129 2024] [:error] [pid 75554:tid 75647] [client 98.159.33.41:34233] [client 98.159.33.41] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "46.250.231.211"] [uri "/.env"] [unique_id "ZuTo7tdSZfsUBmDge_08FwAAAEg"] show less
|
Hacking | |
179.43.133.242 |
(mod_security-custom) mod_security (id:210492) triggered by 179.43.133.242 (DE/Germany/hostedby.priv ... show more(mod_security-custom) mod_security (id:210492) triggered by 179.43.133.242 (DE/Germany/hostedby.privatelayer.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [Sat Sep 14 00:44:43.579293 2024] [:error] [pid 3747816:tid 3747974] [client 179.43.133.242:34630] [client 179.43.133.242] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stl2-6.starburstserver.net"] [uri "/.git/config"] [unique_id "ZuTce1YC16JGEWAEdNoyEwAAABc"] show less
|
Brute-Force | |
142.93.0.66 |
(mod_security-custom) mod_security (id:210492) triggered by 142.93.0.66 (US/United States/b1cb777a43 ... show more(mod_security-custom) mod_security (id:210492) triggered by 142.93.0.66 (US/United States/b1cb777a43.scan.leakix.org): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [Sat Sep 14 00:44:17.160735 2024] [:error] [pid 3747820:tid 3747960] [client 142.93.0.66:55698] [client 142.93.0.66] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stl2-6.starburstserver.net"] [uri "/.env"] [unique_id "ZuTcYZvzaAMlOA4GyfrMxAAAAFE"] show less
|
Brute-Force | |
85.203.44.4 |
(mod_security-custom) mod_security (id:210492) triggered by 85.203.44.4 (SE/Sweden/-): 1 in the last ... show more(mod_security-custom) mod_security (id:210492) triggered by 85.203.44.4 (SE/Sweden/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [Sat Sep 14 00:07:04.017127 2024] [:error] [pid 3706024:tid 3706032] [client 85.203.44.4:35161] [client 85.203.44.4] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "62.72.43.131"] [uri "/.env"] [unique_id "ZuTTqKImMfsLqgAgXEp_EQAAAYY"] show less
|
Hacking | |
45.95.243.15 |
(mod_security-custom) mod_security (id:210492) triggered by 45.95.243.15 (AT/Austria/-): 1 in the la ... show more(mod_security-custom) mod_security (id:210492) triggered by 45.95.243.15 (AT/Austria/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [Fri Sep 13 22:32:36.261136 2024] [:error] [pid 2249475:tid 2249488] [client 45.95.243.15:31327] [client 45.95.243.15] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "149.102.129.233"] [uri "/.env"] [unique_id "ZuS9hMlX-WXDffRlIyK6BwAAAAk"] show less
|
Hacking | |
20.6.94.71 |
[Fri Sep 13 21:24:57.371759 2024] [:error] [pid 1859926:tid 1859956] [client 20.6.94.71:61027] [clie ... show more[Fri Sep 13 21:24:57.371759 2024] [:error] [pid 1859926:tid 1859956] [client 20.6.94.71:61027] [client 20.6.94.71] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "66.94.106.222"] [uri "/.env"] [unique_id "ZuStqbfxImYZR0UitCoBKgAAAMM"] show less
|
Hacking Brute-Force Web App Attack | |
203.150.107.31 |
[Fri Sep 13 21:04:48.987826 2024] [:error] [pid 2711631:tid 2711652] [client 203.150.107.31:36056] [ ... show more[Fri Sep 13 21:04:48.987826 2024] [:error] [pid 2711631:tid 2711652] [client 203.150.107.31:36056] [client 203.150.107.31] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/usr/local/apache/modsecurity-cwaf/rules/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||149.102.155.86:80|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "149.102.155.86"] [uri "/hello.world"] [unique_id "ZuSo8P6wfwoBCopQUQ7Y0AAAAFM"] show less
|
Hacking Brute-Force Web App Attack | |
109.199.116.50 |
[Fri Sep 13 20:58:50.047673 2024] [:error] [pid 223290:tid 223396] [client 109.199.116.50:46856] [cl ... show more[Fri Sep 13 20:58:50.047673 2024] [:error] [pid 223290:tid 223396] [client 109.199.116.50:46856] [client 109.199.116.50] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/usr/local/apache/modsecurity-cwaf/rules/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||154.12.224.141:80|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "154.12.224.141"] [uri "/hello.world"] [unique_id "ZuSniumlg5qDQWhkJEfNrAAAANc"] show less
|
Hacking Brute-Force Web App Attack | |
47.236.203.245 |
[Fri Sep 13 19:48:25.143304 2024] [:error] [pid 87325:tid 87481] [client 47.236.203.245:56566] [clie ... show more[Fri Sep 13 19:48:25.143304 2024] [:error] [pid 87325:tid 87481] [client 47.236.203.245:56566] [client 47.236.203.245] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/usr/local/apache/modsecurity-cwaf/rules/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||194.233.68.144:443|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "194.233.68.144"] [uri "/hello.world"] [unique_id "ZuSXCV-49ugBJjxikXZHYwAAAFg"] show less
|
Hacking Brute-Force Web App Attack | |
141.98.11.114 |
(mod_security-custom) mod_security (id:210730) triggered by 141.98.11.114 (LT/Lithuania/srv-141-98-1 ... show more(mod_security-custom) mod_security (id:210730) triggered by 141.98.11.114 (LT/Lithuania/srv-141-98-11-114.serveroffer.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [Fri Sep 13 19:42:56.716785 2024] [:error] [pid 198523:tid 198574] [client 141.98.11.114:60760] [client 141.98.11.114] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/usr/local/apache/modsecurity-cwaf/rules/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||154.12.224.141|F|2"] [data ".vbs"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "154.12.224.141"] [uri "/0.vbs"] [unique_id "ZuSVwEUW9u5EBRJ1HDVo8QAAABY"] show less
|
Hacking | |
50.6.171.80 |
[Fri Sep 13 18:07:35.830442 2024] [:error] [pid 1859926:tid 1859968] [client 50.6.171.80:65385] [cli ... show more[Fri Sep 13 18:07:35.830442 2024] [:error] [pid 1859926:tid 1859968] [client 50.6.171.80:65385] [client 50.6.171.80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "66.94.106.222"] [uri "/.env"] [unique_id "ZuR_Z7fxImYZR0UitCoAagAAAM8"] show less
|
Hacking Brute-Force Web App Attack | |
47.89.218.118 |
[Fri Sep 13 15:53:08.216149 2024] [:error] [pid 1718254:tid 1718397] [client 47.89.218.118:50830] [c ... show more[Fri Sep 13 15:53:08.216149 2024] [:error] [pid 1718254:tid 1718397] [client 47.89.218.118:50830] [client 47.89.218.118] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/usr/local/apache/modsecurity-cwaf/rules/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||66.94.106.222:443|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "66.94.106.222"] [uri "/hello.world"] [unique_id "ZuRf5A0062GRlr22iahUDwAAAFc"] show less
|
Hacking Brute-Force Web App Attack | |
193.19.207.231 |
[Fri Sep 13 14:54:47.252980 2024] [:error] [pid 144731:tid 144807] [client 193.19.207.231:54024] [cl ... show more[Fri Sep 13 14:54:47.252980 2024] [:error] [pid 144731:tid 144807] [client 193.19.207.231:54024] [client 193.19.207.231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "209.126.87.161"] [uri "/.env"] [unique_id "ZuRSN_T-T5gvWkxeunZQ7AAAAFQ"] show less
|
Hacking Brute-Force Web App Attack | |
203.150.107.31 |
[Fri Sep 13 11:41:02.271099 2024] [:error] [pid 3370651:tid 3370689] [client 203.150.107.31:47574] [ ... show more[Fri Sep 13 11:41:02.271099 2024] [:error] [pid 3370651:tid 3370689] [client 203.150.107.31:47574] [client 203.150.107.31] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/usr/local/apache/modsecurity-cwaf/rules/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||74.208.45.158:80|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "74.208.45.158"] [uri "/hello.world"] [unique_id "ZuQkzhK3DJ-QBLF-cto3wwAAAEY"] show less
|
Hacking Brute-Force Web App Attack | |
47.74.36.4 |
[Fri Sep 13 11:40:25.034067 2024] [:error] [pid 3370653:tid 3370714] [client 47.74.36.4:55752] [clie ... show more[Fri Sep 13 11:40:25.034067 2024] [:error] [pid 3370653:tid 3370714] [client 47.74.36.4:55752] [client 47.74.36.4] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in|out|err)|(in|out)put|fd|memory|temp|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/usr/local/apache/modsecurity-cwaf/rules/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found||74.208.45.158:443|F|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "74.208.45.158"] [uri "/hello.world"] [unique_id "ZuQkqAqD0BlBRiwGTdmS0wAAAIY"] show less
|
Hacking Brute-Force Web App Attack | |
4.240.107.65 |
(mod_security-custom) mod_security (id:210492) triggered by 4.240.107.65 (IN/India/-): 1 in the last ... show more(mod_security-custom) mod_security (id:210492) triggered by 4.240.107.65 (IN/India/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [Fri Sep 13 17:00:35.659927 2024] [:error] [pid 198524:tid 198636] [client 4.240.107.65:58713] [client 4.240.107.65] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "154.12.224.141"] [uri "/.env"] [unique_id "ZuRvsxX9PcxcToGUMmJKowAAAEY"] show less
|
Hacking | |
193.19.207.231 |
(mod_security-custom) mod_security (id:210492) triggered by 193.19.207.231 (-): 1 in the last 3600 s ... show more(mod_security-custom) mod_security (id:210492) triggered by 193.19.207.231 (-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [Fri Sep 13 14:54:47.252980 2024] [:error] [pid 144731:tid 144807] [client 193.19.207.231:54024] [client 193.19.207.231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "209.126.87.161"] [uri "/.env"] [unique_id "ZuRSN_T-T5gvWkxeunZQ7AAAAFQ"] show less
|
Hacking | |
84.247.137.32 |
(mod_security-custom) mod_security (id:210492) triggered by 84.247.137.32 (DE/Germany/vmi1603568.con ... show more(mod_security-custom) mod_security (id:210492) triggered by 84.247.137.32 (DE/Germany/vmi1603568.contaboserver.net): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [Fri Sep 13 14:11:15.185445 2024] [:error] [pid 209223:tid 209269] [client 84.247.137.32:63539] [client 84.247.137.32] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "46.250.241.19"] [uri "/.env"] [unique_id "ZuRIAwR-m1ruQm_mE9eGKgAAAMo"] show less
|
Hacking | |
94.141.120.37 |
(mod_security-custom) mod_security (id:210492) triggered by 94.141.120.37 (US/United States/-): 1 in ... show more(mod_security-custom) mod_security (id:210492) triggered by 94.141.120.37 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [Fri Sep 13 13:56:11.561849 2024] [:error] [pid 2099766:tid 2099785] [client 94.141.120.37:61168] [client 94.141.120.37] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "85.239.247.10"] [uri "/.env"] [unique_id "ZuREe9VY41ysiisDRhQyWQAAABA"] show less
|
Hacking |