kkeyser
2024-10-05 11:00:58
(2 months ago)
GET /.env HTTP/1.1
Web App Attack
HoneyPotEu
2024-10-05 10:50:25
(2 months ago)
54.151.116.138 [redacted] (16509-AMAZON-02 United States San Jose) - - [05/Oct/2024:12:50:10 +0200] ... show more 54.151.116.138 [redacted] (16509-AMAZON-02 United States San Jose) - - [05/Oct/2024:12:50:10 +0200] "GET /wp-includes/css/buttons.css HTTP/1.1" 404 118 "-" "Go-http-client/1.1"
54.151.116.138 95.13
... show less
Bad Web Bot
Web App Attack
someone
2024-10-05 10:44:15
(2 months ago)
*:80 54.151.116.138 - - [05/Oct/2024:12:44:14 +0200] "GET /.env HTTP/1.1" 301 477 "-" "python-reques ... show more *:80 54.151.116.138 - - [05/Oct/2024:12:44:14 +0200] "GET /.env HTTP/1.1" 301 477 "-" "python-requests/2.31.0" show less
Web App Attack
PulseServers
2024-10-05 10:37:55
(2 months ago)
Probing a honeypot for vulnerabilities. Ignored robots.txt - CA10 Honeypot
...
Hacking
Web App Attack
sefinek.net
2024-10-05 10:24:14
(2 months ago)
Blocked by UFW (TCP on port 80).
Source port: 50224
TTL: 44
Packet length: 60<br / ... show more Blocked by UFW (TCP on port 80).
Source port: 50224
TTL: 44
Packet length: 60
TOS: 0x00
Timestamp: 2024-10-05 12:24:14 [Europe/Warsaw]
This report (for 54.151.116.138) was generated by:
https://github.com/sefinek24/UFW-AbuseIPDB-Reporter show less
Port Scan
Web App Attack
speedtaq.com
2024-10-05 10:20:53
(2 months ago)
54.151.116.138 - - [05/Oct/2024:12:20:50 +0200] "GET / HTTP/1.1" 301 528 "-" "Go-http-client/1.1"
Bad Web Bot
Pornomens
2024-10-05 10:18:54
(2 months ago)
54.151.116.138 - - [05/Oct/2024:12:18:53 +0200] "GET / HTTP/1.1" 403 417 "-" "Go-http-client/1.1"<br ... show more 54.151.116.138 - - [05/Oct/2024:12:18:53 +0200] "GET / HTTP/1.1" 403 417 "-" "Go-http-client/1.1"
54.151.116.138 - - [05/Oct/2024:12:18:53 +0200] "GET /wp-includes/css/buttons.css HTTP/1.1" 403 417 "-" "Go-http-client/1.1"
54.151.116.138 - - [05/Oct/2024:12:18:53 +0200] "GET /media/system/js/core.js HTTP/1.1" 403 417 "-" "Go-http-client/1.1"
... show less
Web App Attack
GoodOldTOS
2024-10-05 10:17:03
(2 months ago)
Highly suspect IP
Hacking
Web App Attack
MortimerCat
2024-10-05 10:04:46
(2 months ago)
Attempting to download environment file
Web App Attack
Anonymous
2024-10-05 09:56:29
(2 months ago)
Http Port:80 (http_status:403) - / - Agent:Go-http-client/1.1
Web App Attack
HoneyPotEu-AT
2024-10-05 09:46:17
(2 months ago)
54.151.116.138 - - [redacted] [05/Oct/2024:11:46:00 +0200] "GET /wp-includes/css/buttons.css HTTP/1. ... show more 54.151.116.138 - - [redacted] [05/Oct/2024:11:46:00 +0200] "GET /wp-includes/css/buttons.css HTTP/1.1" 404 118 "-" "Go-http-client/1.1" 0.000 - -
54.151.116.138 - - [redacted] [05/Oct/2024:11:
... show less
Bad Web Bot
Web App Attack
Anonymous
2024-10-05 09:44:30
(2 months ago)
fail2ban apache-modsecurity [msg "Request Missing an Accept Header"] [uri "/"]
Web App Attack
Cookie
2024-10-05 09:35:14
(2 months ago)
Blocked by UFW (TCP on port 80).
Source port: 51920
TTL: 55
Packet length: 60<br / ... show more Blocked by UFW (TCP on port 80).
Source port: 51920
TTL: 55
Packet length: 60
TOS: 0x00
Timestamp: 2024-10-05 09:35:14 [Europe/Warsaw]
This report (for 54.151.116.138) was generated by:
https://github.com/sefinek24/UFW-AbuseIPDB-Reporter show less
Port Scan
Web App Attack
Security_Whaller
2024-10-05 09:34:33
(2 months ago)
Malicious activity detected on Honeypot.
Hacking
Brute-Force
Web App Attack
Anonymous
2024-10-05 09:32:56
(2 months ago)
[Sat Oct 05 11:32:54.626358 2024] [authz_core:error] [pid 20695] [client 54.151.116.138:40206] AH016 ... show more [Sat Oct 05 11:32:54.626358 2024] [authz_core:error] [pid 20695] [client 54.151.116.138:40206] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sat Oct 05 11:32:54.783145 2024] [authz_core:error] [pid 20695] [client 54.151.116.138:40206] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sat Oct 05 11:32:54.939939 2024] [authz_core:error] [pid 20695] [client 54.151.116.138:40206] AH01630: client denied by server configuration: /etc/httpd/htdocs
... show less
Web App Attack