TPI-Abuse
2024-10-12 00:13:44
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 11 20:13:41.381616 2024] [security2:error] [pid 23004:tid 23004] [client 45.58.159.150:35188] [client 45.58.159.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.230"] [uri "/.env"] [unique_id "Zwm_NQDUDvMS-_qJNH7e3AAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
vfAcceloReporter
2024-10-12 00:10:18
(1 month ago)
45.58.159.150 - - [11/Oct/2024:21:10:18 -0300] "GET /.env HTTP/1.1" 404 117 "-" "Mozilla/5.0 Keydrop ... show more 45.58.159.150 - - [11/Oct/2024:21:10:18 -0300] "GET /.env HTTP/1.1" 404 117 "-" "Mozilla/5.0 Keydrop"
... show less
Brute-Force
Exploited Host
Web App Attack
Sipo Chutão
2024-10-12 00:00:01
(1 month ago)
/.env
Hacking
london2038.com
2024-10-11 23:56:28
(1 month ago)
Malformed or malicious web request
45.58.159.150 - - [12/Oct/2024:01:56:24 +0200] "GET /.env H ... show more Malformed or malicious web request
45.58.159.150 - - [12/Oct/2024:01:56:24 +0200] "GET /.env HTTP/1.1" 400 255 "-" "Mozilla/5.0 Keydrop" show less
Hacking
Web App Attack
TPI-Abuse
2024-10-11 23:52:13
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 11 19:52:05.557221 2024] [security2:error] [pid 12660:tid 12660] [client 45.58.159.150:43710] [client 45.58.159.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.136"] [uri "/.env"] [unique_id "Zwm6JWft9IAnP6n5zeQ_ggAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-11 23:24:53
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 11 19:24:45.413541 2024] [security2:error] [pid 31459:tid 31459] [client 45.58.159.150:39072] [client 45.58.159.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.248"] [uri "/.env"] [unique_id "Zwmzve-yL1leUkBXOUemgwAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
taivas.nl
2024-10-11 23:00:04
(1 month ago)
General bad request
Bad Web Bot
MPL
2024-10-11 22:56:46
(1 month ago)
tcp/443 (8 or more attempts)
Port Scan
MPL
2024-10-11 22:56:46
(1 month ago)
tcp/443 (4 or more attempts)
Port Scan
ANTI SCANNER
2024-10-11 22:44:04
(1 month ago)
Scanner : /.env
Web Spam
TPI-Abuse
2024-10-11 22:33:13
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 11 18:33:07.843586 2024] [security2:error] [pid 16462:tid 16462] [client 45.58.159.150:34518] [client 45.58.159.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.96"] [uri "/.env"] [unique_id "Zwmno5hvNBQcCCcmCdvoBgAAABo"] show less
Brute-Force
Bad Web Bot
Web App Attack
swrlly
2024-10-11 22:31:33
(1 month ago)
attempt to exploit known webserver vulnerabilities
Web App Attack
whitehoodie
2024-10-11 22:08:15
(1 month ago)
AUTOMATED REPORT: Tried to access .env file
Hacking
Bad Web Bot
Web App Attack
ASPAN
2024-10-11 22:03:52
(1 month ago)
Unsolicited connection attempt(s), port:443.
Port Scan
ASPAN
2024-10-11 22:03:52
(1 month ago)
Unsolicited connection attempt(s), port:443.
Port Scan