Charles
2024-10-05 04:27:29
(1 month ago)
54.151.116.138 - - [05/Oct/2024:12:27:27 +0800] "GET /.env HTTP/1.1" 404 397 "-" "python-requests/2. ... show more 54.151.116.138 - - [05/Oct/2024:12:27:27 +0800] "GET /.env HTTP/1.1" 404 397 "-" "python-requests/2.31.0"
... show less
Web Spam
Email Spam
Brute-Force
Bad Web Bot
Web App Attack
SSH
swrlly
2024-10-05 03:58:03
(1 month ago)
attempted directly connecting to webserver using origin ip
Web App Attack
myintarweb
2024-10-05 03:47:53
(1 month ago)
54.151.116.138 - - [05/Oct/2024:04:47:52 +0100] 80 "GET /.env HTTP/1.1" 403 1480 "-" "python-request ... show more 54.151.116.138 - - [05/Oct/2024:04:47:52 +0100] 80 "GET /.env HTTP/1.1" 403 1480 "-" "python-requests/2.32.3"
... show less
Hacking
Bad Web Bot
Web App Attack
lnklnx
2024-10-05 03:43:02
(1 month ago)
www.lnklnx.com:80 54.151.116.138 - - [04/Oct/2024:22:43:01 -0500] "GET /.env HTTP/1.1" 301 484 "-" " ... show more www.lnklnx.com:80 54.151.116.138 - - [04/Oct/2024:22:43:01 -0500] "GET /.env HTTP/1.1" 301 484 "-" "python-requests/2.32.3"
... show less
Web App Attack
Roper123
2024-10-05 03:37:19
(1 month ago)
Web exploits
Web App Attack
Starburst SysOp Team
2024-10-05 03:29:00
(1 month ago)
[Sat Oct 05 03:29:07.428294 2024] [:error] [pid 3685244:tid 3685296] [client 54.151.116.138:49210] [ ... show more [Sat Oct 05 03:29:07.428294 2024] [:error] [pid 3685244:tid 3685296] [client 54.151.116.138:49210] [client 54.151.116.138] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/usr/local/apache/modsecurity-cwaf/rules/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "66.94.106.222"] [uri "/.env"] [unique_id "ZwCyg1BQOhSF-Z90ESvzgQAAANE"] show less
Hacking
Brute-Force
Web App Attack
Anonymous
2024-10-05 03:10:12
(1 month ago)
Oct 5 06:10:12 mail haproxy[1705]: 54.151.116.138:52980 [05/Oct/2024:06:10:12.457] http-in http-in/ ... show more Oct 5 06:10:12 mail haproxy[1705]: 54.151.116.138:52980 [05/Oct/2024:06:10:12.457] http-in http-in/<NOSRV> -1/-1/-1/-1/0 503 216 - - SC-- 1/1/0/0/0 0/0 "GET /.env HTTP/1.1"
... show less
Brute-Force
Web App Attack
ipv4.fr
2024-10-05 03:04:49
(1 month ago)
54.151.116.138 - - [05/Oct/2024:03:04:49 +0000] "GET /.env HTTP/1.1" 444 0 "-" "python-requests/2.32 ... show more 54.151.116.138 - - [05/Oct/2024:03:04:49 +0000] "GET /.env HTTP/1.1" 444 0 "-" "python-requests/2.32.3"
... show less
Brute-Force
Web App Attack
ramiil
2024-10-05 02:55:11
(1 month ago)
nala.py pattern: \.(conf|ssh|ini|inc|env|inc|viminfo|properties|dead\.letter|passwd|schema)($|\s|\:)
Web App Attack
RCS
2024-10-05 02:32:47
(1 month ago)
fail2ban apache-modsecurity
...
Bad Web Bot
Web App Attack
ANTI SCANNER
2024-10-05 02:22:58
(1 month ago)
Scanner : /.env
Web Spam
chronos
2024-10-05 02:09:44
(1 month ago)
[AUTORAVALT][[04/10/2024 - 23:09:43 -03:00 UTC]
Attack from [Amazon Technologies Inc.]
[ ... show more [AUTORAVALT][[04/10/2024 - 23:09:43 -03:00 UTC]
Attack from [Amazon Technologies Inc.]
[54.151.116.138][ec2-54-151-116-138.us-west-1.compute.amazonaws.com]
Action: BLocKed
Bad Web Bot -> Webpage scraping (email extraction, content, etc.) crawlers that do not respect robots.txt. Excessive requests and user agent spoofing.
]
... show less
Bad Web Bot
Xuan Can
2024-10-05 02:07:13
(1 month ago)
(mod_security) mod_security (id:77316757) triggered by 54.151.116.138 (US/United States/ec2-54-151-1 ... show more (mod_security) mod_security (id:77316757) triggered by 54.151.116.138 (US/United States/ec2-54-151-116-138.us-west-1.compute.amazonaws.com): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 05 09:07:05.751331 2024] [security2:error] [pid 31366:tid 31409] [client 54.151.116.138:35038] [client 54.151.116.138] ModSecurity: Access denied with code 403 (phase 2). String match "/.env" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/imunify360-full-apache/007_i360_custom.conf"] [line "343"] [id "77316757"] [msg "IM360 WAF: Laravel .env file access||RSV:6.33||T:APACHE||QS:||"] [severity "CRITICAL"] [tag "service_custom"] [hostname "103.252.252.16"] [uri "/.env"] [unique_id "ZwCfSQ6on8xFOaYypQ15OQAAABA"] show less
Brute-Force
SSH
fynndows.de
2024-10-05 02:06:29
(1 month ago)
Requested URL: /.env, Method: GET, User-Agent: python-requests/2.32.3
Brute-Force
Bad Web Bot
Web App Attack
sid3windr
2024-10-05 02:06:09
(1 month ago)
GET /.env (Tarpitted for , wasted 0B)
Web App Attack