๐ฌ๐ง
preissler.co.uk
2024-08-30 10:56:42
(1 year ago)
Web scanning
Web App Attack
๐ฌ๐ง
openstrike.co.uk
2024-08-26 05:12:34
(1 year ago)
77 attacks on env grabbing URLs, PHP URLs, password grabbing URLs:
GET /.env~ HTTP/1.1
GET /wp-confi ...
show more
77 attacks on env grabbing URLs, PHP URLs, password grabbing URLs:
GET /.env~ HTTP/1.1
GET /wp-config.php.old HTTP/1.1
GET /.vscode/sftp.json HTTP/1.1
show less
Hacking
Web App Attack
๐ณ๐ฑ
Savvii
2024-08-25 17:35:56
(1 year ago)
15 attempts against mh-modsecurity-ban on hostbillst3
Brute-Force
Web App Attack
๐ฉ๐ช
eminovic.ba
2024-08-25 16:51:50
(1 year ago)
BRUTE FORCE: Excessive 404 hits
...
Hacking
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-08-25 15:12:27
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 45.86.231.50 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 45.86.231.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 25 11:12:19.930441 2024] [security2:error] [pid 11878:tid 11878] [client 45.86.231.50:63666] [client 45.86.231.50] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "canadagreenrecycling.com"] [uri "/public/.env"] [unique_id "ZstJ04vzlbwNMnfHZu8NfAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
teamsecure
2024-08-25 15:08:25
(1 year ago)
Banned for trying to access env
Web App Attack
๐ณ๐ฑ
Savvii
2024-08-25 14:55:17
(1 year ago)
20 attempts against mh-misbehave-ban on taro
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-25 14:45:02
(1 year ago)
Bot / scanning and/or hacking attempts: GET /.env.project HTTP/1.1, GET /.envrc HTTP/1.1, GET /.env. ...
show more
Bot / scanning and/or hacking attempts: GET /.env.project HTTP/1.1, GET /.envrc HTTP/1.1, GET /.env.development.local HTTP/1.1, GET /.env.prod.local HTTP/1.1, GET /.env.dist HTTP/1.1, GET /.env.dev.local HTTP/1.1, GET /.env.docker.dev HTTP/1.1, GET /.env~ HTTP/1.1, GET /.env.docker HTTP/1.1, GET /.env.save HTTP/1.1, GET /.env.example HTTP/1.1, GET /.env.stage HTTP/1.1, GET /.env.sample HTTP/1.1, GET /.env.production.local HTTP/1.1, GET /.env.travis HTTP/1.1, GET /.env.development.sample HTTP/1.1, done, streams: 0/0/0/0/0 (open/recv/resp/push/rst), GET /.env.production HTTP/1.1, GET /.envs HTTP/1.1, GET /.env.prod HTTP/1.1, GET /config/aws.yml HTTP/1.1, GET /.env.local HTTP/1.1, GET /symfony/_profiler/phpinfo HTTP/1.1
show less
Hacking
Web App Attack
๐ฉ๐ช
Hazzard
2024-08-25 14:40:17
(1 year ago)
(mod_security) mod_security triggered on hostname [redacted]): (CF_ENABLE)
SQL Injection
๐ณ๐ฑ
Savvii
2024-08-25 14:25:24
(1 year ago)
20 attempts against mh-misbehave-ban on glow
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-08-25 14:14:26
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 45.86.231.50 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 45.86.231.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 25 10:14:22.520182 2024] [security2:error] [pid 15927:tid 15927] [client 45.86.231.50:57257] [client 45.86.231.50] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "polishedspaservices.com"] [uri "/public/.env"] [unique_id "Zss8PprbVVhghhQxpsm38AAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
COMAITE
2024-08-25 13:38:04
(1 year ago)
Multiple web server 400 error codes from same source ip 45.86.231.50.
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-08-25 13:34:18
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 45.86.231.50 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 45.86.231.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 25 09:34:13.983983 2024] [security2:error] [pid 15474:tid 15474] [client 45.86.231.50:63809] [client 45.86.231.50] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.files.jeremyscraig.com"] [uri "/public/.env"] [unique_id "Zssy1UpTTNemm8-jK-rvVgAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2024-08-25 13:01:17
(1 year ago)
Too many Status 40X (91)
Request Overload (121)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2024-08-25 12:37:38
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 45.86.231.50 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 45.86.231.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 25 08:37:30.486009 2024] [security2:error] [pid 30787:tid 30787] [client 45.86.231.50:50756] [client 45.86.231.50] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.deharrisassoc.ltscatering.com"] [uri "/public/.env"] [unique_id "ZssliqoJTkprIFzbt8IhVgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack