SecondEdge
2024-12-10 20:17:30
(1 month ago)
A web attack was detected from 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Indonesia / Jakarta / Jakart ... show more A web attack was detected from 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Indonesia / Jakarta / Jakarta) against lifeofstu.com (Git Variable Scan,Laravel 8.4.2 RCE) over 7s. show less
Web App Attack
SCHAPPY
2024-12-10 16:00:06
(1 month ago)
Brute-force attack to identify web exploits
Brute-Force
Web App Attack
TPI-Abuse
2024-12-10 15:12:59
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 10 10:12:51.774365 2024] [security2:error] [pid 23995:tid 23995] [client 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a:65332] [client 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lorendata.net"] [uri "/.env"] [unique_id "Z1hacwVMkJSZP3bhnZsEvQAAABc"] show less
Brute-Force
Bad Web Bot
Web App Attack
weblite
2024-12-10 14:03:03
(1 month ago)
WP_EXPLOIT_PROBE
Hacking
Web App Attack
TPI-Abuse
2024-12-10 11:50:24
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 10 06:50:19.200822 2024] [security2:error] [pid 26674:tid 26674] [client 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a:50632] [client 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.arellasoc.com"] [uri "/.env"] [unique_id "Z1gq-8_kjJIME4eeh76HNwAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
Tripwire
2024-12-10 11:34:47
(1 month ago)
Scanning for exploits - //.env
Web App Attack
TPI-Abuse
2024-12-10 11:21:41
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 10 06:21:36.010365 2024] [security2:error] [pid 2304311:tid 2304311] [client 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a:57634] [client 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ehrlichfamily.com.ehrlichmedia.com"] [uri "/.env"] [unique_id "Z1gkQASNzb7keGrNlLMV3wAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
teamsecure
2024-12-10 09:05:05
(1 month ago)
Banned for trying to access env
Web App Attack
TPI-Abuse
2024-12-10 08:25:01
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 10 03:24:53.860356 2024] [security2:error] [pid 28875:tid 28875] [client 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a:65210] [client 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.puckerbackbikini.com"] [uri "/.env"] [unique_id "Z1f61dfnThUb1sjNrYqT6QAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-10 07:52:34
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 10 02:52:29.589832 2024] [security2:error] [pid 30998:tid 30998] [client 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a:55844] [client 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "slartibartfast.com"] [uri "/.env"] [unique_id "Z1fzPRV4m9c_iLiMPHix9QAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-10 07:06:51
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 10 02:06:47.071786 2024] [security2:error] [pid 258057:tid 258057] [client 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a:63840] [client 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.benwoodwv.com"] [uri "/.env"] [unique_id "Z1foh1Blj0A3q0y2wi8CFQAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-10 05:15:13
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 10 00:15:09.944560 2024] [security2:error] [pid 3468179:tid 3468179] [client 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a:59397] [client 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dalore.com"] [uri "/.env"] [unique_id "Z1fOXS1Lb_fA9Do74L9qEgAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-10 04:54:43
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 09 23:54:39.788040 2024] [security2:error] [pid 8363:tid 8363] [client 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a:57976] [client 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.asaint.net"] [uri "/.env"] [unique_id "Z1fJjwwKdb_UUbZ8Us977gAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-10 04:18:32
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 09 23:18:26.282575 2024] [security2:error] [pid 23182:tid 23182] [client 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a:50514] [client 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.monmouthcountydanceclasses.com"] [uri "/.env"] [unique_id "Z1fBEv49vnW4yogVNnICtAAAACU"] show less
Brute-Force
Bad Web Bot
Web App Attack
Mr-Money
2024-12-10 02:46:22
(1 month ago)
2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a - - [10/Dec/2024:03:46:22 +0100] "GET //.env HTTP/1.1" 404 1 ... show more 2001:448a:2061:2eca:5c82:4d1e:a8d1:f83a - - [10/Dec/2024:03:46:22 +0100] "GET //.env HTTP/1.1" 404 10180 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246"
... show less
Hacking
SQL Injection
Bad Web Bot
Exploited Host
Web App Attack