Little Iguana
2024-09-22 23:22:07
(2 weeks ago)
Attempt to hack Wordpress Login, XMLRPC or other login
Hacking
Little Iguana
2024-09-19 05:48:34
(3 weeks ago)
Attempt to hack Wordpress Login, XMLRPC or other login
Hacking
Anonymous
2024-09-19 05:00:56
(3 weeks ago)
[Thu Sep 19 01:00:55.198550 2024] [:error] [pid 2161] [client 4.178.136.179] ModSecurity: Access den ... show more [Thu Sep 19 01:00:55.198550 2024] [:error] [pid 2161] [client 4.178.136.179] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "[mungedIP2]"] [uri "/.env"] [unique_id "ZuuwB38AAAEAAAhx3yIAAAAC"] show less
Bad Web Bot
Web App Attack
sdos.es
2024-09-19 02:00:18
(3 weeks ago)
"Restricted File Access Attempt - Matched Data: /.env found within REQUEST_FILENAME: /.env"
Web App Attack
Burayot
2024-09-18 23:38:03
(3 weeks ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 4.178.136.179 (FR/France/-): 2 in th ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 4.178.136.179 (FR/France/-): 2 in the last 3600 secs show less
Web App Attack
ANTI SCANNER
2024-09-18 22:20:56
(3 weeks ago)
Scanner : /.env
Web Spam
polycoda
2024-09-18 19:06:39
(3 weeks ago)
⌨️ Probes for /.env everywhere
Hacking
Web App Attack
ut-addicted.com
2024-09-18 16:55:50
(3 weeks ago)
\[Wed Sep 18 18:55:48.989521 2024\] \[:error\] \[pid 13305:tid 140449310250752\] \[client 4.178.136. ... show more \[Wed Sep 18 18:55:48.989521 2024\] \[:error\] \[pid 13305:tid 140449310250752\] \[client 4.178.136.179:58182\] \[client 4.178.136.179\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 8\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "78.46.187.162"\] \[uri "/.env"\] \[unique_id "ZusGFOTniFooSFOLKk0iFQAAANA"\] show less
Brute-Force
Web App Attack
idshield.pro
2024-09-18 15:03:34
(3 weeks ago)
[WAF] Multiple requests to /.env; 1.1 GET
Web App Attack
barbarella
2024-09-18 14:06:08
(3 weeks ago)
Multiple (2) times attack on https port 443: Configuration snooping with .env file (GET /.env) <br / ... show more Multiple (2) times attack on https port 443: Configuration snooping with .env file (GET /.env)
14:06:08 unauthorized access PHPunit framework files (GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php) show less
Hacking
Web App Attack
Anonymous
2024-09-18 13:07:41
(3 weeks ago)
fail2ban_hh apache-modsecurity [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [uri "/.env"]
Web App Attack
Starburst SysOp Team
2024-09-18 11:36:15
(3 weeks ago)
(mod_security-custom) mod_security (id:210492) triggered by 4.178.136.179 (FR/France/-): 1 in the la ... show more (mod_security-custom) mod_security (id:210492) triggered by 4.178.136.179 (FR/France/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [Wed Sep 18 11:36:14.426644 2024] [:error] [pid 2798651:tid 2798699] [client 4.178.136.179:54123] [client 4.178.136.179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "144.126.150.13"] [uri "/.env"] [unique_id "Zuq7Lh49B9QcoD-_oZzhlwAAAAI"] show less
Brute-Force
OuverneY
2024-09-18 11:32:45
(3 weeks ago)
FW-PortScan: Traffic Blocked (Port=80 <- 138 attempts), (Port=443 <- 25 attempts), Total connection ... show more FW-PortScan: Traffic Blocked (Port=80 <- 138 attempts), (Port=443 <- 25 attempts), Total connections: 334, Total destinations ips: 116 show less
Port Scan
Anonymous
2024-09-18 08:33:31
(3 weeks ago)
2024/09/18 10:33:30 [error] 9576#9576: *14065576 access forbidden by rule, client: 4.178.136.179, se ... show more 2024/09/18 10:33:30 [error] 9576#9576: *14065576 access forbidden by rule, client: 4.178.136.179, server: _, request: "GET /.env HTTP/1.1", host: "212.83.182.103" show less
Brute-Force
Web App Attack
AdminSys
2024-09-18 05:18:47
(3 weeks ago)
IP Scan 404.
...
Bad Web Bot
Web App Attack