mawan
2024-09-07 04:04:25
(2 months ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
axllent
2024-09-07 03:13:31
(2 months ago)
Scanning for exploits - /.env
Web App Attack
Gwyneth Llewelyn
2024-09-07 02:41:03
(2 months ago)
2400:8d60:6::5404:e4e0 - - [07/Sep/2024:03:41:01 +0100] "GET /.env HTTP/1.1" 301 162 "-" "Mozilla/5. ... show more 2400:8d60:6::5404:e4e0 - - [07/Sep/2024:03:41:01 +0100] "GET /.env HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
2024/09/07 03:41:01 [error] 918199#918199: *1515880 access forbidden by rule, client: 2400:8d60:6::5404:e4e0, server: betatechnologies.info, request: "GET /.env HTTP/2.0", host: "betatechnologies.info"
2400:8d60:6::5404:e4e0 - - [07/Sep/2024:03:41:01 +0100] "GET /.env HTTP/2.0" 403 1045 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" show less
Web App Attack
Anonymous
2024-09-07 01:51:59
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
dtorrer
2024-09-07 00:24:19
(2 months ago)
General vulnerability scan.
Port Scan
Gwyneth Llewelyn
2024-09-06 23:41:45
(2 months ago)
2024/09/07 00:41:44 [error] 3733953#3733953: *1467035 access forbidden by rule, client: 2400:8d60:6: ... show more 2024/09/07 00:41:44 [error] 3733953#3733953: *1467035 access forbidden by rule, client: 2400:8d60:6::5404:e4e0, server: fashcon.betatechnologies.info, request: "GET /.env HTTP/2.0", host: "fashcon.betatechnologies.info"
2400:8d60:6::5404:e4e0 - - [07/Sep/2024:00:41:43 +0100] "GET /.env HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
2400:8d60:6::5404:e4e0 - - [07/Sep/2024:00:41:44 +0100] "GET /.env HTTP/2.0" 403 1166 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" show less
Web App Attack
teamsecure
2024-09-06 23:26:59
(2 months ago)
Banned for trying to access env
Web App Attack
www.Examensfragen.de
2024-09-01 03:39:02
(2 months ago)
Web Spam
Bad Web Bot
Gwyneth Llewelyn
2024-08-31 16:51:08
(2 months ago)
2400:8d60:6::5404:e4e0 - - [31/Aug/2024:17:51:05 +0100] "GET /.env HTTP/2.0" 301 162 "-" "Mozilla/5. ... show more 2400:8d60:6::5404:e4e0 - - [31/Aug/2024:17:51:05 +0100] "GET /.env HTTP/2.0" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
2024/08/31 17:51:06 [error] 2913773#2913773: *1455959 access forbidden by rule, client: 2400:8d60:6::5404:e4e0, server: lisbon-pre-1755-earthquake.org, request: "GET /.env HTTP/2.0", host: "lisbon-pre-1755-earthquake.org"
2400:8d60:6::5404:e4e0 - - [31/Aug/2024:17:51:06 +0100] "GET /.env HTTP/2.0" 403 1045 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" show less
Web App Attack
nv
2024-08-31 14:41:07
(2 months ago)
2400:8d60:6::5404:e4e0 - - [31/Aug/2024:16:41:06 +0200] "GET /.env HTTP/2.0" 404 26175 "-" "Mozilla/ ... show more 2400:8d60:6::5404:e4e0 - - [31/Aug/2024:16:41:06 +0200] "GET /.env HTTP/2.0" 404 26175 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" show less
Web App Attack
francoisunix
2024-08-31 10:34:18
(2 months ago)
2400:8d60:6::5404:e4e0 - - [31/Aug/2024:01:59:58 +0000] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 ... show more 2400:8d60:6::5404:e4e0 - - [31/Aug/2024:01:59:58 +0000] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
2400:8d60:6::5404:e4e0 - - [31/Aug/2024:03:36:25 +0000] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
2400:8d60:6::5404:e4e0 - - [31/Aug/2024:10:34:17 +0000] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" show less
Web App Attack
el-brujo
2024-08-31 09:15:42
(2 months ago)
31/Aug/2024:11:15:41.967740 +0200Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client ... show more 31/Aug/2024:11:15:41.967740 +0200Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 2400:8d60:6::5404:e4e0] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_FILENAME. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.env found within REQUEST_FILENAME: /.env"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "www.hostench.eu"] [uri "/.env"] [unique_id "ZtLfPWCiZDvFp6One60ZjgAACg0"]
... show less
Hacking
Web App Attack
el-brujo
2024-08-31 06:57:45
(2 months ago)
31/Aug/2024:08:57:45.373071 +0200Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client ... show more 31/Aug/2024:08:57:45.373071 +0200Apache-Error: [file "apache2_util.c"] [line 271] [level 3] [client 2400:8d60:6::5404:e4e0] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_FILENAME. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.env found within REQUEST_FILENAME: /.env"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "hostench.eu"] [uri "/.env"] [unique_id "ZtK-6XqE2nPAL3K5zwAHUQAAdQI"]
... show less
Hacking
Web App Attack
Swiptly
2024-08-31 01:54:58
(2 months ago)
Multiple critical ModSecurity events
...
Web Spam
Bad Web Bot
Anonymous
2024-08-31 01:02:45
(2 months ago)
(mod_security) mod_security triggered on hostname [redacted] 2400:8d60:6::5404:e4e0 (MY/Malaysia/-)
SQL Injection