backslash
2024-09-20 11:21:28
(3 weeks ago)
Bad Web Bot
ne1for23
2024-09-15 22:14:24
(3 weeks ago)
Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" ... show more Attempt to access invalid virtual host name (###.###.###.###). Typically used to access "internal" resources improperly exposed externally and "protected" only by a lack of external DNS resolution.
185.167.61.78 - - [15/Sep/2024:22:14:24 +0000] "GET /.env HTTP/1.1" 403 153 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" "-" show less
Hacking
Gwyneth Llewelyn
2024-09-14 04:06:29
(4 weeks ago)
185.167.61.78 - - [14/Sep/2024:05:06:28 +0100] "GET /.env HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Linux; ... show more 185.167.61.78 - - [14/Sep/2024:05:06:28 +0100] "GET /.env HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30"
2024/09/14 05:06:28 [error] 3356#3356: *708605 access forbidden by rule, client: 185.167.61.78, server: getasecondlife.net, request: "GET /.env HTTP/1.1", host: "getasecondlife.net"
185.167.61.78 - - [14/Sep/2024:05:06:28 +0100] "GET /.env HTTP/1.1" 403 1178 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" show less
Web App Attack
Anonymous
2024-09-14 03:34:02
(4 weeks ago)
Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1, POST / HTTP/1.1, GET /vendor/phpunit/php ... show more Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1, POST / HTTP/1.1, GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1. show less
Hacking
Web App Attack
penjaga BRIN
2024-09-14 03:03:48
(4 weeks ago)
apache-auth-111
Brute-Force
MogBox
2024-09-14 02:15:53
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 185.167.61.78 (DE/Germany/-): 1 in the last 360 ... show more (mod_security) mod_security (id:210492) triggered by 185.167.61.78 (DE/Germany/-): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Sep 13 22:15:52.185625 2024] [security2:error] [pid 2182700:tid 2182746] [client 185.167.61.78:55203] [client 185.167.61.78] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "67.225.186.60"] [uri "/.env"] [unique_id "ZuTx2OkKMgCkbO4OXoAodgAAABE"] show less
Hacking
TPI-Abuse
2024-09-14 02:14:58
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 185.167.61.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 185.167.61.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 13 22:14:53.013237 2024] [security2:error] [pid 25565:tid 25565] [client 185.167.61.78:63883] [client 185.167.61.78] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.agirlwithaguitar.com"] [uri "/.env"] [unique_id "ZuTxnZUmY05tgCGEjVmC2gAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-09-14 01:37:45
(4 weeks ago)
(mod_security) mod_security triggered on hostname [redacted] 185.167.61.78 (DE/Germany/-)
SQL Injection
Anonymous
2024-09-14 01:15:38
(4 weeks ago)
Restricted File Access Requests
Hacking
Brute-Force
conseilgouz
2024-09-14 01:09:55
(4 weeks ago)
coe-17 : Block hidden directories=>/.env(/)
Hacking
MogBox
2024-09-14 01:05:20
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 185.167.61.78 (DE/Germany/-): 1 in the last 360 ... show more (mod_security) mod_security (id:210492) triggered by 185.167.61.78 (DE/Germany/-): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Sep 13 21:05:14.563623 2024] [security2:error] [pid 2182700:tid 2182740] [client 185.167.61.78:61305] [client 185.167.61.78] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "67.225.186.60"] [uri "/.env"] [unique_id "ZuThSukKMgCkbO4OXoAm2QAAAAs"] show less
Hacking
BSG Webmaster
2024-09-14 00:57:54
(4 weeks ago)
Hacking Attempt using path /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php
Hacking
someone
2024-09-14 00:41:31
(4 weeks ago)
*:80 185.167.61.78 - - [14/Sep/2024:02:41:30 +0200] "GET /.env HTTP/1.1" 301 477 "-" "Mozilla/5.0 (L ... show more *:80 185.167.61.78 - - [14/Sep/2024:02:41:30 +0200] "GET /.env HTTP/1.1" 301 477 "-" "Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30" show less
Web App Attack
RLDD
2024-09-14 00:08:49
(4 weeks ago)
WP probing -nov
Web App Attack
Anonymous
2024-09-14 00:02:45
(4 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH