๐ท๐ธ
Scan
2026-06-30 00:00:39
(2 weeks ago)
MultiHost/MultiPort Probe, Scan, Hack -
Port Scan
Hacking
๐บ๐ธ
ThreatHunter7
2026-06-30 00:00:20
(2 weeks ago)
Malicious scanning/attack activity detected. 14 suspicious requests from this IP.
Web App Attack
๐ฎ๐ช
AutosOnShow
2026-06-29 23:23:05
(2 weeks ago)
blocked for webapp attack | path requested: /.env | seen at 2026-06-29 23:22:08.173 |
Web App Attack
๐จ๐ญ
Zdenฤk Svancar
2026-06-29 21:25:22
(2 weeks ago)
57.151.129.49 - - [29/Jun/2026:21:24:50 +0000] "GET /.env HTTP/1.1" 404 118 "-" "Mozilla/5.0 (compat ...
show more
57.151.129.49 - - [29/Jun/2026:21:24:50 +0000] "GET /.env HTTP/1.1" 404 118 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
57.151.129.49 - - [29/Jun/2026:21:25:21 +0000] "GET /wp-config.php HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0"
...
show less
Port Scan
Bad Web Bot
Web App Attack
๐ง๐ท
ludarkstar99
2026-06-13 18:10:11
(1 month ago)
Blocked by os-abuseipdb; 4 hits, proto=tcp, ports=2077,3000,8880,8888
Port Scan
Hacking
๐บ๐ธ
xmission.com
2026-06-13 17:35:00
(1 month ago)
Blocked by UFW (TCP on 8000)
Source port: 18442
TTL: 53
Packet length: 60
TOS: 0x00
This report (fo ...
show more
Blocked by UFW (TCP on 8000)
Source port: 18442
TTL: 53
Packet length: 60
TOS: 0x00
This report (for 57.151.129.49) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-02 12:35:15
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 57.151.129.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 57.151.129.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 08:35:07.498569 2026] [security2:error] [pid 30899:tid 30899] [client 57.151.129.49:47752] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.139"] [uri "/.git/HEAD"] [unique_id "ah7N-xZy7BWthHwNNqFE1gAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
DrLex0
2026-06-02 12:20:16
(1 month ago)
Poking for git configs and env files
57.151.129.49 80 - [02/Jun/2026:12:20:09 +0000] "GET /.env.loc ...
show more
Poking for git configs and env files
57.151.129.49 80 - [02/Jun/2026:12:20:09 +0000] "GET /.env.local HTTP/1.1" 404 2402 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15"
57.151.129.49 80 - [02/Jun/2026:12:20:11 +0000] "GET /.env.production HTTP/1.1" 404 2402 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36"
57.151.129.49 80 - [02/Jun/2026:12:20:13 +0000] "GET /.env.backup HTTP/1.1" 404 2402 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4; rv:125.0) Gecko/20100101 Firefox/125.0"
57.151.129.49 80 - [02/Jun/2026:12:20:16 +0000] "GET /.env.save HTTP/1.1" 404 2402 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15"
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
sockominfo
2026-06-02 12:00:38
(1 month ago)
Access to sensitive configuration files detected.. Threat Score: 5.1/10 (MEDIUM). Confidence: 40%. C ...
show more
Access to sensitive configuration files detected.. Threat Score: 5.1/10 (MEDIUM). Confidence: 40%. CVSS v3.1: 2.9/10 (Low). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N. Bayesian Probability: 40%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS
show less
Hacking
Web App Attack
๐ฉ๐ช
piticu iuli
2026-06-02 11:22:36
(1 month ago)
(mod_security) mod_security triggered on hostname [redacted] 57.151.129.49 (US/United States/-)
SQL Injection
๐ฎ๐ฉ
sockominfo
2026-06-02 11:00:19
(1 month ago)
Access to sensitive configuration files detected.. Threat Score: 5.9/10 (MEDIUM). Reported by Tanger ...
show more
Access to sensitive configuration files detected.. Threat Score: 5.9/10 (MEDIUM). Reported by TangerangKota-CSIRT
show less
Hacking
Web App Attack
๐ง๐พ
lns.bz
2026-06-02 10:57:31
(1 month ago)
Too many 404 requests [BY]
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 09:27:27
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 57.151.129.49 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 57.151.129.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 05:27:23.931430 2026] [security2:error] [pid 12007:tid 12007] [client 57.151.129.49:47639] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.155"] [uri "/.git/HEAD"] [unique_id "ah6h-wQnRBbXbEmG5XI9hgAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
RAP
2026-06-02 09:04:54
(1 month ago)
2026-06-02 09:04:54 UTC Unauthorized activity to TCP port 8443. Web App
Port Scan
Web App Attack
๐ซ๐ท
Flo Flo
2026-06-02 08:56:40
(1 month ago)
57.151.129.49 - - - [02/Jun/2026:10:56:39 +0200] "82.66.117.16" "GET /.git/config HTTP/1.1" 444 0 "- ...
show more
57.151.129.49 - - - [02/Jun/2026:10:56:39 +0200] "82.66.117.16" "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" 0.000
...
show less
Web App Attack