tavis.page
2024-10-27 19:07:00
(1 month ago)
{"method":"GET","url":"/.env","query":{},"params":{},"headers":{"user-agent":"Mozilla/5.0 Keydrop"," ... show more {"method":"GET","url":"/.env","query":{},"params":{},"headers":{"user-agent":"Mozilla/5.0 Keydrop","accept":"*/*","accept-encoding":"gzip"} show less
Web Spam
Hacking
c y
2024-10-27 16:45:50
(1 month ago)
...
Web App Attack
sdos.es
2024-10-27 16:34:19
(1 month ago)
"Restricted File Access Attempt - Matched Data: /.env found within REQUEST_FILENAME: /.env"
Web App Attack
TPI-Abuse
2024-10-27 16:32:13
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 161.35.157.99 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 161.35.157.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 27 12:32:05.662673 2024] [security2:error] [pid 30896:tid 30896] [client 161.35.157.99:43034] [client 161.35.157.99] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.240"] [uri "/.env"] [unique_id "Zx5rBSpCCLW4XNTCEDh0ugAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
c y
2024-10-27 16:26:05
(1 month ago)
Web App Attack
TPI-Abuse
2024-10-27 16:13:27
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 161.35.157.99 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 161.35.157.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 27 12:13:24.322811 2024] [security2:error] [pid 6944:tid 6944] [client 161.35.157.99:35970] [client 161.35.157.99] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.39"] [uri "/.env"] [unique_id "Zx5mpLSBCKuEaW6_Hq3e1AAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-27 15:41:41
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 161.35.157.99 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 161.35.157.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 27 11:41:37.393660 2024] [security2:error] [pid 22500:tid 22500] [client 161.35.157.99:51862] [client 161.35.157.99] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.245"] [uri "/.env"] [unique_id "Zx5fMTz-zlVYBASYLkuYuwAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-27 15:25:02
(1 month ago)
Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1, GET / HTTP/1.0
Hacking
Web App Attack
ParaBug
2024-10-27 15:16:47
(1 month ago)
161.35.157.99 - - [27/Oct/2024:16:16:46 +0100] "GET /.env HTTP/1.1" 403 2815 "-" "Mozilla/5.0 Keydro ... show more 161.35.157.99 - - [27/Oct/2024:16:16:46 +0100] "GET /.env HTTP/1.1" 403 2815 "-" "Mozilla/5.0 Keydrop"
... show less
Phishing
Brute-Force
Web App Attack
TPI-Abuse
2024-10-27 15:10:24
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 161.35.157.99 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 161.35.157.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 27 11:10:16.333794 2024] [security2:error] [pid 32673:tid 32673] [client 161.35.157.99:50770] [client 161.35.157.99] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.199"] [uri "/.env"] [unique_id "Zx5X2EcWMYuvTAuEoYlWAgAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
OK
2024-10-27 14:57:03
(1 month ago)
HTTP/HTTPS
Hacking
Web App Attack
TPI-Abuse
2024-10-27 14:51:19
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 161.35.157.99 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 161.35.157.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 27 10:51:12.535202 2024] [security2:error] [pid 3473803:tid 3473803] [client 161.35.157.99:59008] [client 161.35.157.99] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.101"] [uri "/.env"] [unique_id "Zx5TYG2k7ODz0F__06_ZUAAAABk"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-27 14:35:33
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 161.35.157.99 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 161.35.157.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 27 10:35:29.487745 2024] [security2:error] [pid 3300443:tid 3300443] [client 161.35.157.99:48166] [client 161.35.157.99] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.158"] [uri "/.env"] [unique_id "Zx5PseHuxbgJdsSp2oK9wwAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
dzpk
2024-10-27 14:18:08
(1 month ago)
161.35.157.99 - - [27/Oct/2024:15:18:08 +0100] "GET /.env HTTP/1.1" 400 248 "-" "Mozilla/5.0 Keydrop ... show more 161.35.157.99 - - [27/Oct/2024:15:18:08 +0100] "GET /.env HTTP/1.1" 400 248 "-" "Mozilla/5.0 Keydrop" show less
Web App Attack
TPI-Abuse
2024-10-27 14:16:58
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 161.35.157.99 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 161.35.157.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 27 10:16:54.668494 2024] [security2:error] [pid 16428:tid 16428] [client 161.35.157.99:50560] [client 161.35.157.99] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.172"] [uri "/.env"] [unique_id "Zx5LVsJxk89dOx_FjjdkTAAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack