Anonymous
2024-10-06 19:10:47
(3 weeks ago)
45.142.212.65 - - [06/Oct/2024:19:10:46 +0000] "GET /.env HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Linux; ... show more 45.142.212.65 - - [06/Oct/2024:19:10:46 +0000] "GET /.env HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30"
... show less
Hacking
Web App Attack
Mr-Money
2024-10-06 06:55:34
(4 weeks ago)
45.142.212.65 - - [06/Oct/2024:08:55:33 +0200] "GET /.env HTTP/1.1" 404 462 "-" "Mozilla/5.0 (Linux; ... show more 45.142.212.65 - - [06/Oct/2024:08:55:33 +0200] "GET /.env HTTP/1.1" 404 462 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30"
... show less
Hacking
SQL Injection
Bad Web Bot
Exploited Host
Web App Attack
Xuan Can
2024-10-05 21:34:13
(4 weeks ago)
(mod_security) mod_security (id:77316757) triggered by 45.142.212.65 (MD/Moldova/vm2224512.stark-ind ... show more (mod_security) mod_security (id:77316757) triggered by 45.142.212.65 (MD/Moldova/vm2224512.stark-industries.solutions): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 06 04:34:04.424104 2024] [security2:error] [pid 8243:tid 8272] [client 45.142.212.65:56290] [client 45.142.212.65] ModSecurity: Access denied with code 403 (phase 2). String match "/.env" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache/007_i360_custom.conf"] [line "343"] [id "77316757"] [msg "IM360 WAF: Laravel .env file access||RSV:6.33||T:APACHE||QS:||"] [severity "CRITICAL"] [tag "service_custom"] [hostname "112.213.89.138"] [uri "/.env"] [unique_id "ZwGwzKGjs_hzebxeE7WU4wAAAIA"] show less
Brute-Force
SSH
vfAcceloReporter
2024-10-05 16:32:11
(4 weeks ago)
45.142.212.65 - - [05/Oct/2024:13:32:10 -0300] "GET /.env HTTP/1.1" 404 125 "-" "Mozilla/5.0 (Linux; ... show more 45.142.212.65 - - [05/Oct/2024:13:32:10 -0300] "GET /.env HTTP/1.1" 404 125 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30"
... show less
Brute-Force
Exploited Host
Web App Attack
Burayot
2024-10-05 12:05:14
(4 weeks ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 45.142.212.65 (MD/Moldova/vm2224512. ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 45.142.212.65 (MD/Moldova/vm2224512.stark-industries.solutions): 2 in the last 3600 secs show less
Web App Attack
Major Hostility
2024-10-05 09:53:17
(4 weeks ago)
"GET /.env HTTP/1.1" 404
"GET /.env HTTP/1.1" 404
Web App Attack
Burayot
2024-10-05 07:47:34
(4 weeks ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 45.142.212.65 (MD/Moldova/vm2224512 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 45.142.212.65 (MD/Moldova/vm2224512.stark-industries.solutions): 2 in the last 3600 secs show less
Web App Attack
WebTejo
2024-10-05 01:48:57
(4 weeks ago)
Detected multiple authentication failures and invalid user attempts from IP address 45.142.212.65 on ... show more Detected multiple authentication failures and invalid user attempts from IP address 45.142.212.65 on [PT] A01 Node show less
Brute-Force
SSH
HeliJP
2024-10-05 00:16:18
(4 weeks ago)
2024-10-04T17:53:45Z - Recognized attacks\bad behavior from IP address 45.142.212.65 on port 443\80 ... show more 2024-10-04T17:53:45Z - Recognized attacks\bad behavior from IP address 45.142.212.65 on port 443\80 (3 daily hits): client denied by server configuration show less
Port Scan
Hacking
SQL Injection
Brute-Force
Web App Attack
KiekerJan
2024-10-04 18:35:46
(4 weeks ago)
45.142.212.65 - - [04/Oct/2024:20:35:43 +0200] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin. ... show more 45.142.212.65 - - [04/Oct/2024:20:35:43 +0200] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 301 162 "-" "python-requests/2.25.1"
45.142.212.65 - - [04/Oct/2024:20:35:44 +0200] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 118 "-" "python-requests/2.25.1"
... show less
Web App Attack
MAGIC
2024-10-04 15:07:17
(4 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
legitssl
2024-10-04 09:05:08
(4 weeks ago)
45.142.212.65 - - [04/Oct/2024:05:05:06 -0400] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin. ... show more 45.142.212.65 - - [04/Oct/2024:05:05:06 -0400] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 302 145 "-" "python-requests/2.25.1"
45.142.212.65 - - [04/Oct/2024:05:05:06 -0400] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 302 145 "-" "python-requests/2.25.1"
45.142.212.65 - - [04/Oct/2024:05:05:06 -0400] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 302 145 "-" "python-requests/2.25.1"
45.142.212.65 - - [04/Oct/2024:05:05:06 -0400] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 302 145 "-" "python-requests/2.25.1"
45.142.212.65 - - [04/Oct/2024:05:05:06 -0400] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 302 145 "-" "python-requests/2.25.1"
... show less
Hacking
Web App Attack
Anonymous
2024-10-04 08:49:10
(4 weeks ago)
45.142.212.65 - - [04/Oct/2024:08:49:09 +0000] "GET /.env HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Linux; ... show more 45.142.212.65 - - [04/Oct/2024:08:49:09 +0000] "GET /.env HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30"
... show less
Hacking
Web App Attack
MWA SOC
2024-10-04 08:17:42
(4 weeks ago)
Hacking
syokadmin
2024-10-04 06:18:17
(4 weeks ago)
(mod_security) mod_security (id:77316757) triggered by 45.142.212.65 (MD/Moldova/vm2224512.stark-ind ... show more (mod_security) mod_security (id:77316757) triggered by 45.142.212.65 (MD/Moldova/vm2224512.stark-industries.solutions): 1 in the last 3600 secs show less
Brute-Force