TPI-Abuse
2024-08-05 13:57:19
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 45.137.70.100 (100.70.137.45.in-addr.arpa): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 45.137.70.100 (100.70.137.45.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 09:57:14.512176 2024] [security2:error] [pid 25484:tid 25484] [client 45.137.70.100:58529] [client 45.137.70.100] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.43"] [uri "/.env"] [unique_id "ZrDaOpxdwbf_tLsKn6PimQAAABg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-05 13:34:14
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 45.137.70.100 (100.70.137.45.in-addr.arpa): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 45.137.70.100 (100.70.137.45.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 09:34:13.130733 2024] [security2:error] [pid 23189] [client 45.137.70.100:62659] [client 45.137.70.100] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.231"] [uri "/.env"] [unique_id "ZrDU1QAKGDyW5d2j1Uld1QAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
kumiko
2024-08-05 13:16:02
(1 month ago)
[2024-08-05 13:16:01] Probing for dotfiles
"GET /.env HTTP/1.1" 403
Bad Web Bot
Web App Attack
webbfabriken
2024-08-05 00:29:05
(1 month ago)
spam or other hacking activities reported by webbfabriken security servers
Attack reported by ... show more spam or other hacking activities reported by webbfabriken security servers
Attack reported by Webbfabiken Security API - WFSecAPI show less
Web Spam
Vaction
2024-08-05 00:16:36
(1 month ago)
45.137.70.100 - - [05/Aug/2024:02:16:36 +0200] "GET /.env HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Macint ... show more 45.137.70.100 - - [05/Aug/2024:02:16:36 +0200] "GET /.env HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" show less
Hacking
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-05 00:12:56
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 45.137.70.100 (100.70.137.45.in-addr.arpa): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 45.137.70.100 (100.70.137.45.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 04 20:12:50.308753 2024] [security2:error] [pid 29250:tid 29250] [client 45.137.70.100:62945] [client 45.137.70.100] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.213"] [uri "/.env"] [unique_id "ZrAZAlY-6qD2RAH9rImCCgAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-04 23:31:55
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 45.137.70.100 (100.70.137.45.in-addr.arpa): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 45.137.70.100 (100.70.137.45.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 04 19:31:52.029632 2024] [security2:error] [pid 19789:tid 19789] [client 45.137.70.100:54620] [client 45.137.70.100] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.229"] [uri "/.env"] [unique_id "ZrAPaKIcVQtm4XGn8MC0ggAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-04 23:14:25
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 45.137.70.100 (100.70.137.45.in-addr.arpa): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 45.137.70.100 (100.70.137.45.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 04 19:14:20.138954 2024] [security2:error] [pid 3414:tid 3414] [client 45.137.70.100:49891] [client 45.137.70.100] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.94"] [uri "/.env"] [unique_id "ZrALTNN5PH8PUU0ZIKjXLgAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
FireballDWF
2024-08-04 22:15:14
(1 month ago)
404 NOT FOUND
Web App Attack
TPI-Abuse
2024-08-04 21:54:19
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 45.137.70.100 (100.70.137.45.in-addr.arpa): 1 i ... show more (mod_security) mod_security (id:210492) triggered by 45.137.70.100 (100.70.137.45.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 04 17:54:13.199974 2024] [security2:error] [pid 3709:tid 3709] [client 45.137.70.100:54320] [client 45.137.70.100] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.73"] [uri "/.env"] [unique_id "Zq_4hTjBJvQUK82O-4TgiQAAABc"] show less
Brute-Force
Bad Web Bot
Web App Attack
syokadmin
2024-08-04 21:47:16
(1 month ago)
(mod_security) mod_security (id:77316757) triggered by 45.137.70.100 (DE/Germany/100.70.137.45.in-ad ... show more (mod_security) mod_security (id:77316757) triggered by 45.137.70.100 (DE/Germany/100.70.137.45.in-addr.arpa): 1 in the last 3600 secs show less
Brute-Force
oonux.net
2024-08-04 19:58:30
(1 month ago)
RouterOS: Scanning detected TCP 45.137.70.100:55470 > x.x.x.x:80
Port Scan
ModiranHost.com
2024-08-04 19:44:39
(1 month ago)
Aug 4 23:14:37 IN=eth0 OUT= MAC=[REMOVED]:[REMOVED]:08:00 SRC=45.137.70.100 DST=[REMOVED].152.80 LE ... show more Aug 4 23:14:37 IN=eth0 OUT= MAC=[REMOVED]:[REMOVED]:08:00 SRC=45.137.70.100 DST=[REMOVED].152.80 LEN=40 TOS=0x00 PREC=0x00 TTL=241 ID=62732 PROTO=TCP SPT=55470 DPT=80 WINDOW=1024 RES=0x00 SYN URGP=0
... show less
Port Scan
KPS
2024-08-04 19:06:23
(1 month ago)
PortscanM
Port Scan
RoboSOC
2024-08-04 18:45:20
(1 month ago)
SCAN: Host Sweep CloudCIX Reconnaissance Scan Detected, PTR: 100.70.137.45.in-addr.arpa.
Port Scan