URAN Publishing Service
2024-09-17 22:49:10
(1 month ago)
35.192.131.215 - - [18/Sep/2024:01:49:09 +0300] "GET /.env HTTP/1.1" 404 2868 "-" "Mozilla/5.0 (Maci ... show more 35.192.131.215 - - [18/Sep/2024:01:49:09 +0300] "GET /.env HTTP/1.1" 404 2868 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
... show less
Web App Attack
Anonymous
2024-09-17 22:46:07
(1 month ago)
Restricted File Access Requests
Hacking
Brute-Force
Xuan Can
2024-09-17 22:44:19
(1 month ago)
(mod_security) mod_security (id:77316757) triggered by 35.192.131.215 (US/United States/215.131.192. ... show more (mod_security) mod_security (id:77316757) triggered by 35.192.131.215 (US/United States/215.131.192.35.bc.googleusercontent.com): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 18 05:44:12.467764 2024] [security2:error] [pid 12359:tid 12414] [client 35.192.131.215:49203] [client 35.192.131.215] ModSecurity: Access denied with code 403 (phase 2). String match "/.env" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache/006_i360_custom.conf"] [line "343"] [id "77316757"] [msg "IM360 WAF: Laravel .env file access||RSV:6.28||T:APACHE||QS:||"] [severity "CRITICAL"] [tag "service_custom"] [hostname "sieuthimaychu.vn"] [uri "/.env"] [unique_id "ZuoGPIHuswfQNeRfXbcKBgAAABg"] show less
Brute-Force
SSH
theEngineer
2024-09-17 22:43:19
(1 month ago)
[23:43:18] 0*: Scanning for exploits.
Web App Attack
nationaleventpros.com
2024-09-17 22:37:22
(1 month ago)
vulnerability scan
Web App Attack
el-brujo
2024-09-17 22:30:54
(1 month ago)
Cloudflare WAF: Request Path: /.env Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 ( ... show more Cloudflare WAF: Request Path: /.env Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 Action: block Source: firewallManaged ASN Description: GOOGLE-CLOUD-PLATFORM Country: US Method: GET Timestamp: 2024-09-17T22:30:54Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less
Hacking
SQL Injection
Web App Attack
TPI-Abuse
2024-09-17 22:28:16
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.192.131.215 (215.131.192.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.192.131.215 (215.131.192.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 17 18:28:11.303643 2024] [security2:error] [pid 25428:tid 25428] [client 35.192.131.215:50304] [client 35.192.131.215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dmasoftlab.com"] [uri "/.env"] [unique_id "ZuoCe_RHE4SDr486oDdefwAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
idshield.pro
2024-09-17 22:27:47
(1 month ago)
[WAF] Multiple requests to /.env; 1.1 GET
Web App Attack
cmbplf
2024-09-17 22:26:11
(1 month ago)
394 requests to *.env
Brute-Force
Bad Web Bot
rdpguard.com
2024-09-17 22:07:18
(1 month ago)
RdpGuard detected brute-force attempt on HTTP
Brute-Force
TPI-Abuse
2024-09-17 22:05:50
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.192.131.215 (215.131.192.35.bc.googleusercon ... show more (mod_security) mod_security (id:210492) triggered by 35.192.131.215 (215.131.192.35.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 17 18:05:46.063993 2024] [security2:error] [pid 25299:tid 25299] [client 35.192.131.215:61992] [client 35.192.131.215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jesuspuzzle.com"] [uri "/.env"] [unique_id "Zun9OivC6_Cd7hIp2HVyBQAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TheMadBeaker
2024-09-17 22:02:47
(1 month ago)
Fail2Ban Ban Triggered
HTTP Exploit Attempt
Brute-Force
Web App Attack
rellik
2024-09-17 22:01:00
(1 month ago)
Mass Scanning Critical Directories
Hacking
Brute-Force
Web App Attack
Bedios GmbH
2024-09-17 22:00:49
(1 month ago)
Login credentials theft attempt
Hacking
axllent
2024-09-17 21:55:34
(1 month ago)
Scanning for exploits - /.env
Web App Attack