diego
2025-01-16 03:13:45
(16 hours ago)
Events: TCP SYN Discovery or Flooding, Seen 5 times in the last 10800 seconds
DDoS Attack
rshict
2024-12-11 17:58:37
(1 month ago)
Hacking, Brute-Force, Web App Attack
Hacking
Brute-Force
Web App Attack
Anonymous
2024-12-07 11:55:25
(1 month ago)
[06/Dec/2024:05:00:27 -0500] \"GET /.env HTTP/1.1\" \"Mozilla/5.0 Keydrop\"
[06/Dec/2024:05:00 ... show more [06/Dec/2024:05:00:27 -0500] \"GET /.env HTTP/1.1\" \"Mozilla/5.0 Keydrop\"
[06/Dec/2024:05:00:27 -0500] \"GET / HTTP/1.0\" Blank UA show less
Hacking
BSG Webmaster
2024-12-07 08:35:08
(1 month ago)
Port scanning (Port 443)
Port Scan
Hacking
SecondEdge
2024-12-06 10:17:30
(1 month ago)
A web attack was detected from 142.93.246.106 (United States / New Jersey / North Bergen) against 52 ... show more A web attack was detected from 142.93.246.106 (United States / New Jersey / North Bergen) against 52.215.230.232 (Git Variable Scan). show less
Web App Attack
cusezar.com
2024-12-06 10:00:06
(1 month ago)
142.93.246.106 /.env
Brute-Force
TPI-Abuse
2024-12-06 09:40:19
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 142.93.246.106 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 142.93.246.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 06 04:40:12.473093 2024] [security2:error] [pid 12729:tid 12729] [client 142.93.246.106:52650] [client 142.93.246.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.206"] [uri "/.env"] [unique_id "Z1LGfPXNzH6RF0XwvRgwQwAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-12-06 09:39:04
(1 month ago)
Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1, GET / HTTP/1.0
Hacking
Web App Attack
jk jk
2024-12-06 09:38:52
(1 month ago)
GoPot Honeypot 1
Hacking
Web App Attack
dpinse
2024-12-06 09:30:29
(1 month ago)
teler detected CVE-2017-16894 against resource /.env from 142.93.246.106
Web App Attack
Anonymous
2024-12-06 09:25:24
(1 month ago)
$f2bV_matches
Brute-Force
Bad Web Bot
Web App Attack
Countryman
2024-12-06 09:24:16
(1 month ago)
repeated unauthorized connection attempts, host sweep, port scan
Port Scan
TPI-Abuse
2024-12-06 09:21:39
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 142.93.246.106 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 142.93.246.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 06 04:21:36.307296 2024] [security2:error] [pid 31588:tid 31588] [client 142.93.246.106:40514] [client 142.93.246.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.70"] [uri "/.env"] [unique_id "Z1LCIL4aOWGxVQ-KLvErzQAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
diego
2024-12-06 09:00:51
(1 month ago)
Events: TCP SYN Discovery or Flooding, Seen 14 times in the last 10800 seconds
DDoS Attack
TPI-Abuse
2024-12-06 09:00:28
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 142.93.246.106 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 142.93.246.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 06 04:00:22.608676 2024] [security2:error] [pid 27797:tid 27797] [client 142.93.246.106:38288] [client 142.93.246.106] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.62"] [uri "/.env"] [unique_id "Z1K9JoU4T3eIz7gozetYpwAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack