Xuan Can
2024-10-05 07:06:38
(2 months ago)
(mod_security) mod_security (id:77316757) triggered by 54.151.116.138 (US/United States/ec2-54-151-1 ... show more (mod_security) mod_security (id:77316757) triggered by 54.151.116.138 (US/United States/ec2-54-151-116-138.us-west-1.compute.amazonaws.com): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 05 14:06:33.032186 2024] [security2:error] [pid 34924:tid 34953] [client 54.151.116.138:42648] [client 54.151.116.138] ModSecurity: Access denied with code 403 (phase 2). String match "/.env" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache/007_i360_custom.conf"] [line "343"] [id "77316757"] [msg "IM360 WAF: Laravel .env file access||RSV:6.33||T:APACHE||QS:||"] [severity "CRITICAL"] [tag "service_custom"] [hostname "45.117.168.11"] [uri "/.env"] [unique_id "ZwDleaUi3su_g6pLkBkosQAAAEI"] show less
Brute-Force
SSH
Rip
2024-10-05 06:42:22
(2 months ago)
54.151.116.138 - - [04/Oct/2024:23:42:22 -0700] "GET /.env HTTP/1.1" 301 493 "-" "python-requests/2. ... show more 54.151.116.138 - - [04/Oct/2024:23:42:22 -0700] "GET /.env HTTP/1.1" 301 493 "-" "python-requests/2.31.0"
... show less
Bad Web Bot
Anonymous
2024-10-05 06:40:34
(2 months ago)
Legion Credential Harvester / SMTP Hijacker: /.env
Hacking
Web App Attack
LTM
2024-10-05 06:20:01
(2 months ago)
WebServer - Attempts to exploit
Hacking
Brute-Force
Web App Attack
fynndows.de
2024-10-05 06:14:53
(2 months ago)
Requested URL: /media/system/js/core.js, Method: GET, User-Agent: Go-http-client/1.1
Brute-Force
Bad Web Bot
Web App Attack
Kraften
2024-10-05 06:12:35
(2 months ago)
Try to find web path
...
Web App Attack
rakkor
2024-10-05 06:09:46
(2 months ago)
2024/10/05 03:46:28 [error] 6959#6959: *3284206 open() "/var/services/web/.env" failed (2: No such f ... show more 2024/10/05 03:46:28 [error] 6959#6959: *3284206 open() "/var/services/web/.env" failed (2: No such file or directory), client: 54.151.116.138, server: , request: "GET /.env HTTP/1.1", host: "86.24.122.78"
2024/10/05 07:09:45 [error] 6959#6959: *3288517 open() "/var/services/web/wp-includes/css/buttons.css" failed (2: No such file or directory), client: 54.151.116.138, server: , request: "GET /wp-includes/css/buttons.css HTTP/1.1", host: "86.24.122.78"
... show less
Hacking
Brute-Force
Web App Attack
Vaction
2024-10-05 06:07:28
(2 months ago)
54.151.116.138 - - [05/Oct/2024:08:07:27 +0200] "GET /.env HTTP/1.1" 404 397 "-" "python-requests/2. ... show more 54.151.116.138 - - [05/Oct/2024:08:07:27 +0200] "GET /.env HTTP/1.1" 404 397 "-" "python-requests/2.31.0" show less
Hacking
Bad Web Bot
Web App Attack
dzpk
2024-10-05 06:07:02
(2 months ago)
54.151.116.138 - - [05/Oct/2024:08:07:01 +0200] "GET /wp-includes/css/buttons.css HTTP/1.1" 404 261 ... show more 54.151.116.138 - - [05/Oct/2024:08:07:01 +0200] "GET /wp-includes/css/buttons.css HTTP/1.1" 404 261 "-" "Go-http-client/1.1" show less
Bad Web Bot
Web App Attack
Rcat
2024-10-05 06:02:08
(2 months ago)
54.151.116.138 - - [05/Oct/2024:15:02:06 +0900] "GET /.env HTTP/1.1" 400 150 "-" "python-requests/2. ... show more 54.151.116.138 - - [05/Oct/2024:15:02:06 +0900] "GET /.env HTTP/1.1" 400 150 "-" "python-requests/2.31.0"
... show less
Web Spam
Brute-Force
Bad Web Bot
Web App Attack
IoT Targeted
Mr-Money
2024-10-05 06:01:12
(2 months ago)
54.151.116.138 - - [05/Oct/2024:08:01:11 +0200] "GET /.env HTTP/1.1" 404 461 "-" "python-requests/2. ... show more 54.151.116.138 - - [05/Oct/2024:08:01:11 +0200] "GET /.env HTTP/1.1" 404 461 "-" "python-requests/2.31.0"
... show less
Hacking
SQL Injection
Bad Web Bot
Exploited Host
Web App Attack
Anonymous
2024-10-05 05:59:18
(2 months ago)
wordpress-trap
Web App Attack
breubit
2024-10-05 05:50:29
(2 months ago)
54.151.116.138 - - [05/Oct/2024:07:50:29 +0200] "GET /wp-includes/css/buttons.css HTTP/1.1" 404 436 ... show more 54.151.116.138 - - [05/Oct/2024:07:50:29 +0200] "GET /wp-includes/css/buttons.css HTTP/1.1" 404 436 "-" "Go-http-client/1.1"
... show less
Web App Attack
Anonymous
2024-10-05 05:49:16
(2 months ago)
DNS Compromise
DDoS Attack
SilverZippo
2024-10-05 05:46:38
(2 months ago)
Web App Attack
Web App Attack