openstrike.co.uk
2024-12-07 06:12:39
(1 month ago)
8 attacks on env grabbing URLs, PHP URLs:
GET //.env HTTP/1.1
GET /info.php HTTP/1.1
Hacking
Web App Attack
cmbplf
2024-12-06 12:07:27
(1 month ago)
199 requests to /phpinfo.php
145 requests to *.env
Brute-Force
Bad Web Bot
Mr-Money
2024-12-06 09:16:43
(1 month ago)
2001:448a:2061:4106:35dc:87a3:cc2e:4666 - - [06/Dec/2024:10:16:43 +0100] "GET //.env HTTP/1.1" 404 1 ... show more 2001:448a:2061:4106:35dc:87a3:cc2e:4666 - - [06/Dec/2024:10:16:43 +0100] "GET //.env HTTP/1.1" 404 15695 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246"
... show less
Hacking
SQL Injection
Bad Web Bot
Exploited Host
Web App Attack
TPI-Abuse
2024-12-06 06:43:20
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 06 01:43:16.035568 2024] [security2:error] [pid 19937:tid 19937] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666:58342] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "flightsoffancyfilms.com"] [uri "/.env"] [unique_id "Z1KdBETT8hY6y4TK2P7xKQAAAB8"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-06 05:52:37
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 06 00:52:33.104043 2024] [security2:error] [pid 20125:tid 20125] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666:56455] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "texassong.jimbrofriends.com"] [uri "/.env"] [unique_id "Z1KRIc5Fr3ZtoiivuIPtaQAAABg"] show less
Brute-Force
Bad Web Bot
Web App Attack
BlueWire Hosting
2024-12-06 05:10:24
(1 month ago)
Scanning for Laravel vulnerabilities
Web App Attack
TPI-Abuse
2024-12-06 05:03:52
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 06 00:03:47.000254 2024] [security2:error] [pid 2068:tid 2068] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666:62021] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.ourswat.team"] [uri "/.env"] [unique_id "Z1KFspJjxDtpwZe1qbta4gAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-06 04:04:19
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 23:04:13.537750 2024] [security2:error] [pid 14528:tid 14528] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666:57748] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.ken-parker.com"] [uri "/.env"] [unique_id "Z1J3vbBSP61d4Fg2Q2lpDwAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-06 02:40:51
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 21:40:47.791456 2024] [security2:error] [pid 5331:tid 5331] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666:61499] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lesdwiniarczyk.com"] [uri "/.env"] [unique_id "Z1JkL2mciFk3SBOe_RCjfAAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-06 01:34:30
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 20:34:22.937633 2024] [security2:error] [pid 15126:tid 15126] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666:64747] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.lorendata.net"] [uri "/.env"] [unique_id "Z1JUni1eXT1A2X4TVTU4hQAAABM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-06 01:00:30
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 20:00:24.248998 2024] [security2:error] [pid 1068155:tid 1068155] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666:63794] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.koolstra.net"] [uri "/.env"] [unique_id "Z1JMqBP2thDrOd4AzN28QgAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
strefapi_com
2024-12-05 23:04:10
(1 month ago)
Brute-force web
...
Hacking
Brute-Force
Web App Attack
TPI-Abuse
2024-12-05 22:58:16
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 17:58:10.162698 2024] [security2:error] [pid 1801625:tid 1801625] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666:50236] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.alarmnummer.com"] [uri "/.env"] [unique_id "Z1IwAqB1OcewkanmMazLuAAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-05 22:41:24
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 17:41:21.081676 2024] [security2:error] [pid 12191:tid 12191] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666:59325] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.whysong.net"] [uri "/.env"] [unique_id "Z1IsEcfclDunaCXDuyVHGwAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-05 22:23:23
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknow ... show more (mod_security) mod_security (id:210492) triggered by 2001:448a:2061:4106:35dc:87a3:cc2e:4666 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 05 17:23:18.498538 2024] [security2:error] [pid 10635:tid 10635] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666:57359] [client 2001:448a:2061:4106:35dc:87a3:cc2e:4666] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.pittyvaich.com"] [uri "/.env"] [unique_id "Z1In1ng4wacBr6H0G2rYnAAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack