ATV
2024-12-15 03:03:20
(1 month ago)
Unsolicited connection attempts to port 443
Hacking
mr_whitehat
2024-12-15 00:34:28
(1 month ago)
Probed for vulnerable web application: request line: /.env (Possible exploit:Unprotected .env files)
Web App Attack
c y
2024-12-14 16:47:09
(1 month ago)
...
Web App Attack
sdos.es
2024-12-14 07:09:23
(1 month ago)
"Restricted File Access Attempt - Matched Data: /.env found within REQUEST_FILENAME: /.env"
Web App Attack
Countryman
2024-12-14 07:08:58
(1 month ago)
repeated unauthorized connection attempts, host sweep, port scan
Port Scan
TPI-Abuse
2024-12-14 07:07:22
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 157.245.55.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 157.245.55.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 14 02:07:17.218865 2024] [security2:error] [pid 9394:tid 9394] [client 157.245.55.172:44352] [client 157.245.55.172] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.240"] [uri "/.env"] [unique_id "Z10upQAyzc2ZeQujIJf2GAAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-12-14 07:04:33
(1 month ago)
Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1, GET / HTTP/1.0
Hacking
Web App Attack
iplusv
2024-12-14 07:00:05
(1 month ago)
Automatic report from IV firewall log.
Port Scan
Hacking
Brute-Force
TPI-Abuse
2024-12-14 06:44:21
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 157.245.55.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 157.245.55.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 14 01:44:16.731689 2024] [security2:error] [pid 6576:tid 6576] [client 157.245.55.172:56520] [client 157.245.55.172] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.39"] [uri "/.env"] [unique_id "Z10pQDUQeMfi4Y-94TpkXwAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
diego
2024-12-14 06:28:29
(1 month ago)
Events: TCP SYN Discovery or Flooding, Seen 12 times in the last 10800 seconds
DDoS Attack
TPI-Abuse
2024-12-14 06:04:19
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 157.245.55.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 157.245.55.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 14 01:04:14.169412 2024] [security2:error] [pid 31203:tid 31203] [client 157.245.55.172:47166] [client 157.245.55.172] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.245"] [uri "/.env"] [unique_id "Z10f3iTAcGxMZ1gzwUIjTgAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
lumbermatt_de
2024-12-14 05:42:49
(1 month ago)
Vulnerability exploit attack detected
Web App Attack
ParaBug
2024-12-14 05:31:35
(1 month ago)
157.245.55.172 - - [14/Dec/2024:06:31:34 +0100] "GET /.env HTTP/1.1" 403 2931 "-" "Mozilla/5.0 Keydr ... show more 157.245.55.172 - - [14/Dec/2024:06:31:34 +0100] "GET /.env HTTP/1.1" 403 2931 "-" "Mozilla/5.0 Keydrop"
... show less
Phishing
Brute-Force
Web App Attack
MPL
2024-12-14 05:27:32
(1 month ago)
tcp/443 (12 or more attempts)
Port Scan
TPI-Abuse
2024-12-14 05:13:35
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 157.245.55.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 157.245.55.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 14 00:13:32.767741 2024] [security2:error] [pid 8195:tid 8195] [client 157.245.55.172:59774] [client 157.245.55.172] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.118"] [uri "/.env"] [unique_id "Z10T_DIyBVD72MEEq9i9WgAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack