akac
2024-11-09 11:01:02
(5 minutes ago)
Web vulnerability scanning: HTTP/1.1 GET /.env
Hacking
Brute-Force
Bad Web Bot
Web App Attack
exxos
2024-11-09 11:00:24
(6 minutes ago)
Attack with rapid agent changes
DDoS Attack
URAN Publishing Service
2024-11-09 10:54:36
(12 minutes ago)
179.43.189.138 - - [09/Nov/2024:12:54:35 +0200] "GET /.env HTTP/1.1" 404 2840 "-" "Mozilla/5.0 (Maci ... show more 179.43.189.138 - - [09/Nov/2024:12:54:35 +0200] "GET /.env HTTP/1.1" 404 2840 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13.0) AppleWebKit/617.28 (KHTML, like Gecko) Version/17.0 Safari/617.28"
... show less
Web App Attack
Anonymous
2024-11-09 10:38:01
(28 minutes ago)
Fail2Ban triggered
Web App Attack
exxos
2024-11-09 10:33:54
(32 minutes ago)
web exploit attacks
Web App Attack
swrlly
2024-11-09 10:18:06
(48 minutes ago)
attempt to exploit known webserver vulnerabilities
Web App Attack
filou812
2024-11-09 10:11:09
(55 minutes ago)
url tried is "/.git/config"
Web App Attack
Admin MGA
2024-11-09 09:55:47
(1 hour ago)
179.43.189.138 - - [09/Nov/2024:16:55:46 +0700] "GET /.git/config HTTP/1.1" 404 69 "-" "Mozilla/5.0 ... show more 179.43.189.138 - - [09/Nov/2024:16:55:46 +0700] "GET /.git/config HTTP/1.1" 404 69 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.1) AppleWebKit/616.8 (KHTML, like Gecko) Version/17.2.12 Safari/616.8"
179.43.189.138 - - [09/Nov/2024:16:55:46 +0700] "GET /.git/config HTTP/1.1" 404 69 "-" "Mozilla/5.0 (CentOS; Linux x86_64; rv:121.0) Gecko/20100101 Firefox/121.0"
179.43.189.138 - - [09/Nov/2024:16:55:46 +0700] "GET /.git/config HTTP/1.1" 404 69 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.7.19"
... show less
Web App Attack
advena
2024-11-09 09:00:56
(2 hours ago)
179.43.189.138 (AS51852 PLI-AS) was intercepted at 2024-11-09T08:51:07Z after violating WAF directiv ... show more 179.43.189.138 (AS51852 PLI-AS) was intercepted at 2024-11-09T08:51:07Z after violating WAF directive: 874a3e315c344b1281ad4f00046aab6f. Pre-cautionary/corrective action applied: block. show less
Web Spam
Hacking
Brute-Force
Web App Attack
london2038.com
2024-11-09 09:00:37
(2 hours ago)
Probing for exploits
179.43.189.138 - - [09/Nov/2024:10:00:16 +0100] "GET /.git/config HTTP/1. ... show more Probing for exploits
179.43.189.138 - - [09/Nov/2024:10:00:16 +0100] "GET /.git/config HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11) AppleWebKit/617.16.12 (KHTML, like Gecko) Version/17.7.92 Safari/617.16.12"
179.43.189.138 - - [09/Nov/2024:10:00:33 +0100] "GET /.env HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" show less
Hacking
Web App Attack
Anonymous
2024-11-09 08:56:18
(2 hours ago)
Ports: *; Direction: 0; Trigger: CT_LIMIT
Brute-Force
SSH
echocity.online
2024-11-09 08:55:03
(2 hours ago)
Domain : echocity.online
Rule : WEB
IP in black list
Port Scan
URAN Publishing Service
2024-11-09 08:50:34
(2 hours ago)
179.43.189.138 - - [09/Nov/2024:10:50:31 +0200] "GET /.env HTTP/1.1" 404 2832 "-" "Mozilla/5.0 (Wind ... show more 179.43.189.138 - - [09/Nov/2024:10:50:31 +0200] "GET /.env HTTP/1.1" 404 2832 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0"
179.43.189.138 - - [09/Nov/2024:10:50:32 +0200] "GET /.env HTTP/1.1" 404 2824 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.7.23"
... show less
Web App Attack
advena
2024-11-09 08:45:55
(2 hours ago)
179.43.189.138 (AS51852 PLI-AS) was intercepted at 2024-11-09T08:44:17Z after violating WAF directiv ... show more 179.43.189.138 (AS51852 PLI-AS) was intercepted at 2024-11-09T08:44:17Z after violating WAF directive: 874a3e315c344b1281ad4f00046aab6f. Pre-cautionary/corrective action applied: block. show less
Web Spam
Hacking
Brute-Force
Web App Attack
sefinek.net
2024-11-09 08:04:57
(3 hours ago)
Triggered Cloudflare WAF (firewallCustom) from CH.
Action taken: BLOCK
ASN: 51852 (PLI-A ... show more Triggered Cloudflare WAF (firewallCustom) from CH.
Action taken: BLOCK
ASN: 51852 (PLI-AS)
Protocol: HTTP/1.1 (method GET)
Domain: patrons.sefinek.net
Endpoint: /.env
Timestamp: 2024-11-09T07:38:47Z
Ray ID: 8dfc252d2fe70e62
Rule ID: 61fb495e94074aa0b50b084b03c00b25
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
Report generated by Node-Cloudflare-WAF-AbuseIPDB https://github.com/sefinek/Node-Cloudflare-WAF-AbuseIPDB show less
Bad Web Bot