rshict
2024-11-12 08:46:57
(3 weeks ago)
Hacking, Brute-Force, Web App Attack
Hacking
Brute-Force
Web App Attack
Anonymous
2024-11-05 10:05:46
(4 weeks ago)
[04/Nov/2024:05:39:02 -0500] \"GET /.env HTTP/1.1\" \"Mozilla/5.0 Keydrop\"
[04/Nov/2024:05:39 ... show more [04/Nov/2024:05:39:02 -0500] \"GET /.env HTTP/1.1\" \"Mozilla/5.0 Keydrop\"
[04/Nov/2024:05:39:03 -0500] \"GET / HTTP/1.0\" Blank UA show less
Hacking
TPI-Abuse
2024-11-04 10:11:04
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 159.65.141.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 159.65.141.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 04 05:11:01.372578 2024] [security2:error] [pid 14315:tid 14315] [client 159.65.141.154:55898] [client 159.65.141.154] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.206"] [uri "/.env"] [unique_id "ZyidtdQIYB1-INNUhelmFQAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
jk jk
2024-11-04 10:09:11
(1 month ago)
GoPot Honeypot 1
Hacking
Web App Attack
Anonymous
2024-11-04 10:09:03
(1 month ago)
Bot / scanning and/or hacking attempts: GET / HTTP/1.0, GET /.env HTTP/1.1
Hacking
Web App Attack
cusezar.com
2024-11-04 10:00:05
(1 month ago)
159.65.141.154 /.env
Brute-Force
Anonymous
2024-11-04 09:50:35
(1 month ago)
$f2bV_matches
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-04 09:36:10
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 159.65.141.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 159.65.141.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 04 04:36:03.380876 2024] [security2:error] [pid 31142:tid 31142] [client 159.65.141.154:49644] [client 159.65.141.154] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.175"] [uri "/.env"] [unique_id "ZyiVg_ln_Lc6KZlq3TRp7wAAADc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-04 09:16:30
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 159.65.141.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 159.65.141.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 04 04:16:23.411848 2024] [security2:error] [pid 29762:tid 29762] [client 159.65.141.154:54886] [client 159.65.141.154] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.62"] [uri "/.env"] [unique_id "ZyiQ55eSCBP87c6T8tZQrQAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
kumiko
2024-11-04 09:14:45
(1 month ago)
[2024-11-04 09:14:45] Probing for dotfiles
"GET /.env HTTP/1.1" 403
Bad Web Bot
Web App Attack
Anymous
2024-11-04 08:45:28
(1 month ago)
GET /.env HTTP/1.1 403 4436 "-" "Mozilla/5.0 Keydrop"
Bad Web Bot
pa4080
2024-11-04 08:44:46
(1 month ago)
Detected by ModSecurity. Request URI: /.env
Web App Attack
TPI-Abuse
2024-11-04 08:39:30
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 159.65.141.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 159.65.141.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 04 03:39:27.806481 2024] [security2:error] [pid 15406:tid 15406] [client 159.65.141.154:41508] [client 159.65.141.154] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.176"] [uri "/.env"] [unique_id "ZyiIP3sYYYVsBbs4D58V0AAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
BSG Webmaster
2024-11-04 08:35:09
(1 month ago)
Port scanning (Port 443)
Port Scan
Hacking
Anonymous
2024-11-04 08:12:52
(1 month ago)
159.65.141.154 - - [04/Nov/2024:08:12:51 +0000] "GET /.env HTTP/1.1" 403 287 "-" "Mozilla/5.0 Keydro ... show more 159.65.141.154 - - [04/Nov/2024:08:12:51 +0000] "GET /.env HTTP/1.1" 403 287 "-" "Mozilla/5.0 Keydrop"
... show less
Hacking
Web App Attack