diego
2024-10-11 19:07:01
(1 month ago)
Events: TCP SYN Discovery or Flooding, Seen 14 times in the last 10800 seconds
DDoS Attack
Anonymous
2024-10-11 19:03:33
(1 month ago)
Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1, GET / HTTP/1.0
Hacking
Web App Attack
TPI-Abuse
2024-10-11 19:00:07
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 11 15:00:03.432724 2024] [security2:error] [pid 13299:tid 13299] [client 45.58.159.150:45410] [client 45.58.159.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.119"] [uri "/.env"] [unique_id "Zwl1s1BHJMvzPEY4ryzqSgAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-11 18:33:39
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 11 14:33:33.374896 2024] [security2:error] [pid 22775:tid 22775] [client 45.58.159.150:54160] [client 45.58.159.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.247"] [uri "/.env"] [unique_id "ZwlvfafqYPpzJo1U4UQ4BQAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
ASPAN
2024-10-11 18:24:18
(1 month ago)
Unsolicited connection attempt(s), port:443.
Port Scan
Rip
2024-10-11 18:22:48
(1 month ago)
🚫 ⚠️Attacks against our web application server are prohibited and violate our Terms of Servic ... show more 🚫 ⚠️Attacks against our web application server are prohibited and violate our Terms of Service. Violators are reported and banned.
... show less
Brute-Force
Web App Attack
TPI-Abuse
2024-10-11 18:14:25
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 11 14:14:22.499969 2024] [security2:error] [pid 3114:tid 3114] [client 45.58.159.150:51358] [client 45.58.159.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.236"] [uri "/.env"] [unique_id "Zwlq_lpYtcPqjxp8oZVTJgAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
diego
2024-10-11 17:44:17
(1 month ago)
Events: TCP SYN Discovery or Flooding, Seen 12 times in the last 10800 seconds
DDoS Attack
HoneyPotEu
2024-10-11 17:41:47
(1 month ago)
45.58.159.150 [redacted]:443 (46844-SHARKTECH The Netherlands -) - - [11/Oct/2024:19:41:36 +0200] "G ... show more 45.58.159.150 [redacted]:443 (46844-SHARKTECH The Netherlands -) - - [11/Oct/2024:19:41:36 +0200] "GET /.env HTTP/1.1" 400 248 "-" "Mozilla/5.0 Keydrop"
... show less
Bad Web Bot
Web App Attack
urmarcht
2024-10-11 17:31:06
(1 month ago)
Bot attack detected : webscan vurnerability
Web App Attack
Anonymous
2024-10-11 17:22:27
(1 month ago)
HTTP Req: GET /.env HTTP/1.1
Time: Fri, 11 Oct 2024 19:22:27 +0200
Unauthorised web se ... show more HTTP Req: GET /.env HTTP/1.1
Time: Fri, 11 Oct 2024 19:22:27 +0200
Unauthorised web server access and/or looking for web app vulnerabilities.
Port 443
User Agent: Mozilla/5.0 Keydrop
IP suspected 2 time(s) so far. show less
Hacking
Bad Web Bot
Web App Attack
penjaga BRIN
2024-10-11 17:18:29
(1 month ago)
-111
Web App Attack
Anonymous
2024-10-11 16:50:02
(1 month ago)
Malicious activity detected
Hacking
Web App Attack
jioni.de
2024-10-11 16:46:57
(1 month ago)
2024/10/11 18:46:57 [info] 6736#0: *130495 client sent plain HTTP request to HTTPS port while readin ... show more 2024/10/11 18:46:57 [info] 6736#0: *130495 client sent plain HTTP request to HTTPS port while reading client request headers, client: ::ffff:45.58.159.150, server: mail.jioni.de, request: "GET /.env HTTP/1.1", host: "95.216.27.198:443"
... show less
Web App Attack
TPI-Abuse
2024-10-11 16:38:05
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 45.58.159.150 (customer.sharktech.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 11 12:38:00.792000 2024] [security2:error] [pid 18617:tid 18617] [client 45.58.159.150:54176] [client 45.58.159.150] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.15"] [uri "/.env"] [unique_id "ZwlUaCUFNH5eexEe-JIWwAAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack