GAS
2024-10-11 16:37:35
(3 months ago)
45.58.159.150 - - [11/Oct/2024:18:37:34 +0200] "GET /.env HTTP/1.1" 404 4322 "-" "Mozilla/5.0 Keydrop"
45.58.159.150 - - [11/Oct/2024:18:37:34 +0200] "GET / HTTP/1.0" 400 729 "-" "-"
Port Scan
MPL
2024-10-11 16:36:19
(3 months ago)
tcp/443 (4 or more attempts)
Port Scan
Interceptor_HQ
2024-10-11 16:28:39
(3 months ago)
request_uri: /.env -- automatic report --
Hacking
Brute-Force
ramiil
2024-10-11 16:27:30
(3 months ago)
nala.py pattern: \.(conf|ssh|ini|inc|env|inc|viminfo|properties|dead\.letter|passwd|schema)($|\s|\:)
Web App Attack
TPI-Abuse
2024-10-11 16:14:59
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 11 12:14:55.374592 2024] [security2:error] [pid 21038:tid 21038] [client 45.58.159.150:60914] [client 45.58.159.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.244"] [uri "/.env"] [unique_id "ZwlO_5KMkPZJj2SxyFJwoAAAAAc"]
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-11 16:07:39
(3 months ago)
Fail2Ban triggered
Web App Attack
TPI-Abuse
2024-10-11 15:55:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 11 11:55:30.544013 2024] [security2:error] [pid 25636:tid 25636] [client 45.58.159.150:47140] [client 45.58.159.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.237"] [uri "/.env"] [unique_id "ZwlKcpslfkZTS_Wx-nMWFAAAAAs"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-11 15:34:49
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 11 11:34:45.018118 2024] [security2:error] [pid 11243:tid 11243] [client 45.58.159.150:50712] [client 45.58.159.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.19"] [uri "/.env"] [unique_id "ZwlFlRTusecbNFmgsRT7wwAAAAg"]
Brute-Force
Bad Web Bot
Web App Attack
MPL
2024-10-11 15:28:17
(3 months ago)
tcp/443 (4 or more attempts)
Port Scan
Anonymous
2024-10-11 15:14:38
(3 months ago)
45.58.159.150 - - [11/Oct/2024:15:14:37 +0000] "GET /.env HTTP/1.1" 404 11 "-" "Mozilla/5.0 Keydrop"
Hacking
Web App Attack
Bedios GmbH
2024-10-11 15:09:53
(3 months ago)
Login credentials theft attempt
Hacking
TPI-Abuse
2024-10-11 15:02:14
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 11 11:02:07.243157 2024] [security2:error] [pid 1138:tid 1138] [client 45.58.159.150:45100] [client 45.58.159.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.148"] [uri "/.env"] [unique_id "Zwk970dmmtgLvBsouBN3ggAAAA8"]
Brute-Force
Bad Web Bot
Web App Attack
BlueWire Hosting
2024-10-11 14:10:07
(3 months ago)
Scanning for Laravel vulnerabilities
Web App Attack
TPI-Abuse
2024-10-11 14:02:13
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 11 10:02:08.636429 2024] [security2:error] [pid 21175:tid 21175] [client 45.58.159.150:41642] [client 45.58.159.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.15"] [uri "/.env"] [unique_id "Zwkv4LItintWGaXBucR4BQAAABc"]
Brute-Force
Bad Web Bot
Web App Attack
LRNP
2024-10-11 13:43:42
(3 months ago)
_:443 45.58.159.150 - - [11/Oct/2024:13:43:43 +0000] "GET /.env HTTP/1.1" 404 118 "-" "Mozilla/5.0 Keydrop"
Bad Web Bot
Web App Attack