SaltySoftworks
|
|
User agent spoofing
Connecting to IP instead of domain name
|
Hacking
Spoofing
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 157.230.158.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 04 07:13:10.401845 2024] [security2:error] [pid 21184:tid 21184] [client 157.230.158.5:44670] [client 157.230.158.5] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.28"] [uri "/.env"] [unique_id "Zyi6Vn6MTXnBMmRRI1UY3gAAABg"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
MPL
|
|
tcp/443 (4 or more attempts)
|
Port Scan
|
|
Study Bitcoin 🤗
|
|
Port probe to tcp/443 (https)
[srv126]
|
Port Scan
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 157.230.158.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 04 06:43:09.558973 2024] [security2:error] [pid 27615:tid 27615] [client 157.230.158.5:33436] [client 157.230.158.5] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.5"] [uri "/.env"] [unique_id "ZyizTdayZxOt1Jzz1mzdUAAAABY"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 157.230.158.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 04 06:27:09.182394 2024] [security2:error] [pid 6859:tid 6859] [client 157.230.158.5:55714] [client 157.230.158.5] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.233"] [uri "/.env"] [unique_id "ZyivjR7H9PPGAZTe3agfLAAAAAU"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
CMS/WebApp Exploit attempt
|
Web App Attack
|
|
kkeyser
|
|
GET /.env HTTP/1.1
|
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 157.230.158.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 04 06:11:13.383974 2024] [security2:error] [pid 1048:tid 1048] [client 157.230.158.5:56972] [client 157.230.158.5] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.11"] [uri "/.env"] [unique_id "Zyir0VXHgGvYP041Qh4BSAAAABA"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
MPL
|
|
tcp/443 (16 or more attempts)
|
Port Scan
|
|
Lunik
|
|
Malicious access
|
Web Spam
Port Scan
Web App Attack
|
|
polido
|
|
Unauthorized connection attempt to port 443 from 157.230.158.5
|
Port Scan
|
|
david1117
|
|
Bruteforcing Access to Web Application
|
Web App Attack
IoT Targeted
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 157.230.158.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 04 05:26:35.958997 2024] [security2:error] [pid 136412:tid 136412] [client 157.230.158.5:37886] [client 157.230.158.5] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.163"] [uri "/.env"] [unique_id "ZyihW-tcE0D5qYkLUVJ9tQAAAA8"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 157.230.158.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 04 05:06:10.147215 2024] [security2:error] [pid 27837:tid 27837] [client 157.230.158.5:55488] [client 157.230.158.5] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.229"] [uri "/.env"] [unique_id "ZyickpZO2ufRPj1nwsUP1gAAAAU"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|