whitehoodie
2024-10-20 13:10:02
(1 month ago)
AUTOMATED REPORT: Tried to access .env file
Hacking
Bad Web Bot
Web App Attack
Floofie
2024-10-20 12:59:28
(1 month ago)
181.214.164.60 - - [20/Oct/2024:08:59:27 -0400] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macinto ... show more 181.214.164.60 - - [20/Oct/2024:08:59:27 -0400] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
181.214.164.60 - - [20/Oct/2024:08:59:27 -0400] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
181.214.164.60 - - [20/Oct/2024:08:59:27 -0400] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
... show less
Brute-Force
Bad Web Bot
Web App Attack
ereznet.co.il
2024-10-20 12:45:11
(1 month ago)
(mod_security) mod_security (id:920350) triggered by 181.214.164.60 (US/United States/-): 1 in the l ... show more (mod_security) mod_security (id:920350) triggered by 181.214.164.60 (US/United States/-): 1 in the last 3600 secs show less
Brute-Force
Bedios GmbH
2024-10-20 12:29:26
(1 month ago)
Login credentials theft attempt
Hacking
MogBox
2024-10-20 09:52:41
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 181.214.164.60 (US/United States/-): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 181.214.164.60 (US/United States/-): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Sun Oct 20 05:52:39.016431 2024] [security2:error] [pid 480375:tid 480411] [client 181.214.164.60:56485] [client 181.214.164.60] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "67.225.186.60"] [uri "/.env"] [unique_id "ZxTS51f_DpoUdRZxrmkYPAAAAEQ"] show less
Hacking
enpepet
2024-10-20 09:50:32
(1 month ago)
GENERAL: parametres: [url:env=] UA:Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/2010 ... show more GENERAL: parametres: [url:env=] UA:Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 URL:http://85.234.130.216/.env show less
Port Scan
Hacking
Brute-Force
Bad Web Bot
Anonymous
2024-10-20 09:50:07
(1 month ago)
Unsollicted Connect (2 Times), to port(s): 80
Port Scan
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-20 09:33:24
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 181.214.164.60 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 181.214.164.60 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 20 05:33:22.847520 2024] [security2:error] [pid 9845:tid 9845] [client 181.214.164.60:61820] [client 181.214.164.60] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.231"] [uri "/.env"] [unique_id "ZxTOYiE_xbWuWXwFHtKj-wAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
FEWA
2024-10-20 09:28:05
(1 month ago)
Fail2Ban Ban Triggered
Hacking
Bad Web Bot
Web App Attack
alliance
2024-10-20 09:23:23
(1 month ago)
20.10.2024 09:23:22 Environment file scan (/.env)
Hacking
Web App Attack
Roper123
2024-10-20 09:06:20
(1 month ago)
Web exploits
Web App Attack
Mr-Money
2024-10-20 09:01:56
(1 month ago)
181.214.164.60 - - [20/Oct/2024:11:01:55 +0200] "GET /.env HTTP/1.1" 404 436 "-" "Mozilla/5.0 (Macin ... show more 181.214.164.60 - - [20/Oct/2024:11:01:55 +0200] "GET /.env HTTP/1.1" 404 436 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
... show less
Hacking
SQL Injection
Bad Web Bot
Exploited Host
Web App Attack
Anonymous
2024-10-20 08:47:48
(1 month ago)
wordpress-trap
Web App Attack
sid3windr
2024-10-20 08:36:53
(1 month ago)
GET /.env (Tarpitted for , wasted 0B)
Web App Attack
Xuan Can
2024-10-20 08:36:02
(1 month ago)
(mod_security) mod_security (id:77316757) triggered by 181.214.164.60 (US/United States/-): 1 in the ... show more (mod_security) mod_security (id:77316757) triggered by 181.214.164.60 (US/United States/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 20 15:35:55.317350 2024] [security2:error] [pid 31648:tid 31678] [client 181.214.164.60:59831] [client 181.214.164.60] ModSecurity: Access denied with code 403 (phase 2). String match "/.env" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache/007_i360_custom.conf"] [line "343"] [id "77316757"] [msg "IM360 WAF: Laravel .env file access||RSV:6.33||T:APACHE||QS:||"] [severity "CRITICAL"] [tag "service_custom"] [hostname "112.213.89.138"] [uri "/.env"] [unique_id "ZxTA680s-AFwz96xwjdBNgAAAEM"] show less
Brute-Force
SSH