openstrike.co.uk
2024-08-16 05:12:39
(1 month ago)
77 attacks on env grabbing URLs, password grabbing URLs, PHP URLs:
GET /.env~ HTTP/1.1
G ... show more 77 attacks on env grabbing URLs, password grabbing URLs, PHP URLs:
GET /.env~ HTTP/1.1
GET /.vscode/sftp.json HTTP/1.1
GET /wp-config.php.old HTTP/1.1 show less
Hacking
Web App Attack
unifr
2024-08-15 09:57:03
(1 month ago)
Unauthorized IMAP connection attempt
Brute-Force
TPI-Abuse
2024-08-15 09:54:16
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 116.251.216.23 (sg4.dreamlight.id): 1 in the la ... show more (mod_security) mod_security (id:210492) triggered by 116.251.216.23 (sg4.dreamlight.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 15 05:54:12.350552 2024] [security2:error] [pid 2867:tid 2867] [client 116.251.216.23:60340] [client 116.251.216.23] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ileronde.com"] [uri "/public/.env"] [unique_id "Zr3QRHVy2L1VfHM9r-Ei8gAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
teamsecure
2024-08-15 09:43:54
(1 month ago)
Banned for trying to access env
Web App Attack
TPI-Abuse
2024-08-15 09:12:00
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 116.251.216.23 (sg4.dreamlight.id): 1 in the la ... show more (mod_security) mod_security (id:210492) triggered by 116.251.216.23 (sg4.dreamlight.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 15 05:11:54.585524 2024] [security2:error] [pid 945830:tid 945830] [client 116.251.216.23:61195] [client 116.251.216.23] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "canfieldnyc.com"] [uri "/public/.env"] [unique_id "Zr3GWhl7FUSqSOxaokyteQAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-15 08:50:13
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 116.251.216.23 (sg4.dreamlight.id): 1 in the la ... show more (mod_security) mod_security (id:210492) triggered by 116.251.216.23 (sg4.dreamlight.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 15 04:50:05.996246 2024] [security2:error] [pid 29768:tid 29768] [client 116.251.216.23:53131] [client 116.251.216.23] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "denvercitymotorparts.com"] [uri "/public/.env"] [unique_id "Zr3BPbsTTdPhAEHXWRD3MQAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
RLDD
2024-08-15 08:47:24
(1 month ago)
WP probing for vulnerabilities -mai
Web App Attack
Anonymous
2024-08-15 08:41:02
(1 month ago)
Malicious activity detected
Hacking
Web App Attack
TPI-Abuse
2024-08-15 08:24:23
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 116.251.216.23 (sg4.dreamlight.id): 1 in the la ... show more (mod_security) mod_security (id:210492) triggered by 116.251.216.23 (sg4.dreamlight.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 15 04:24:20.811294 2024] [security2:error] [pid 27278:tid 27278] [client 116.251.216.23:62635] [client 116.251.216.23] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.adults-biz.com"] [uri "/public/.env"] [unique_id "Zr27NMUGtPBak1qww717PgAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-15 08:08:56
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 116.251.216.23 (sg4.dreamlight.id): 1 in the la ... show more (mod_security) mod_security (id:210492) triggered by 116.251.216.23 (sg4.dreamlight.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 15 04:08:50.472676 2024] [security2:error] [pid 14489:tid 14489] [client 116.251.216.23:61803] [client 116.251.216.23] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dbrooketaylor.com"] [uri "/public/.env"] [unique_id "Zr23kqhdF6d154TpVT7HVAAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Savvii
2024-08-15 07:39:03
(1 month ago)
20 attempts against mh-misbehave-ban on ec102965
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-15 07:35:12
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 116.251.216.23 (sg4.dreamlight.id): 1 in the la ... show more (mod_security) mod_security (id:210492) triggered by 116.251.216.23 (sg4.dreamlight.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 15 03:35:08.575008 2024] [security2:error] [pid 11163:tid 11177] [client 116.251.216.23:55514] [client 116.251.216.23] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "30acre.net"] [uri "/public/.env"] [unique_id "Zr2vrCgkr69rJzntaEDOcgAAAQo"] show less
Brute-Force
Bad Web Bot
Web App Attack
Apache
2024-08-15 07:31:29
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 116.251.216.23 (SG/Singapore/sg4.dreamlight.id) ... show more (mod_security) mod_security (id:210492) triggered by 116.251.216.23 (SG/Singapore/sg4.dreamlight.id): 5 in the last 300 secs show less
Brute-Force
Web App Attack
TPI-Abuse
2024-08-15 07:12:12
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 116.251.216.23 (sg4.dreamlight.id): 1 in the la ... show more (mod_security) mod_security (id:210492) triggered by 116.251.216.23 (sg4.dreamlight.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 15 03:12:04.760636 2024] [security2:error] [pid 20608:tid 20608] [client 116.251.216.23:59568] [client 116.251.216.23] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ebizplayers.com"] [uri "/public/.env"] [unique_id "Zr2qRA20dj56Vk5J6YMmzAAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
Savvii
2024-08-15 07:05:26
(1 month ago)
20 attempts against mh-misbehave-ban on redirect
Brute-Force
Bad Web Bot
Web App Attack