openstrike.co.uk
|
|
2 attacks on env grabbing URLs:
GET /.env HTTP/1.1
|
Hacking
|
|
Anonymous
|
|
Action: Block, Reason: DDOS attack detected
|
DDoS Attack
|
|
URAN Publishing Service
|
|
64.52.80.84 - - [06/Nov/2024:07:24:04 +0200] "GET /.env HTTP/1.1" 404 2872 "-" "Mozilla/5.0 (X11; Li ... show more64.52.80.84 - - [06/Nov/2024:07:24:04 +0200] "GET /.env HTTP/1.1" 404 2872 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
... show less
|
Web App Attack
|
|
Anonymous
|
|
Restricted File Access Requests
|
Hacking
Brute-Force
|
|
Anonymous
|
|
2024/11/06 06:13:58 [error] 4037#4037: *3005261 access forbidden by rule, client: 64.52.80.84, serve ... show more2024/11/06 06:13:58 [error] 4037#4037: *3005261 access forbidden by rule, client: 64.52.80.84, server: aide.bobelweb.eu, request: "GET /.env HTTP/1.1", host: "bobmobile.stage.livedata.fr" show less
|
Brute-Force
Web App Attack
|
|
ecodehost.com
|
|
Domain : eminkockimya.com
Rule : env
2024-11-06 01:04:28 10.100.1.20 GET /.env - 443 - 6 ... show moreDomain : eminkockimya.com
Rule : env
2024-11-06 01:04:28 10.100.1.20 GET /.env - 443 - 64.52.80.84 HTTP/1.1 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 - eminkockimya.com 404 0 2 241 234 688 - - show less
|
Hacking
SQL Injection
|
|
el-brujo
|
|
Cloudflare WAF: Request Path: /.env Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (X11; ... show moreCloudflare WAF: Request Path: /.env Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 Action: block Source: firewallManaged ASN Description: BLNWX Country: US Method: GET Timestamp: 2024-11-06T00:47:26Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less
|
Hacking
SQL Injection
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 19:12:38.908765 2024] [security2:error] [pid 2744:tid 2744] [client 64.52.80.84:56126] [client 64.52.80.84] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ecrealty.net"] [uri "/.env"] [unique_id "Zyq0dvtwKBbH6h-sECiQHwAAAA0"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
ecodehost.com
|
|
Domain : ecode.com.tr
Rule : env
2024-11-06 00:08:12 10.100.1.20 GET /.env - 443 - 162.1 ... show moreDomain : ecode.com.tr
Rule : env
2024-11-06 00:08:12 10.100.1.20 GET /.env - 443 - 162.158.91.2 HTTP/2 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 - ecode.com.tr 301 0 0 342 418 335 - 64.52.80.84 show less
|
Hacking
SQL Injection
|
|
echocity.online
|
|
Domain : echocity.online
Rule : env
2024-11-06 00:05:26 ***hidden-privacy*** GET /.env - ... show moreDomain : echocity.online
Rule : env
2024-11-06 00:05:26 ***hidden-privacy*** GET /.env - 443 - 64.52.80.84 HTTP/1.1 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 - echocity.online 404 0 2 1414 233 3195 - - show less
|
Hacking
SQL Injection
|
|
Anonymous
|
|
Fail2Ban - Scan for web exploit.
...
|
Bad Web Bot
Web App Attack
|
|
Eagle Works GmbH
|
|
RdpGuard detected brute-force attempt on HTTP
|
Brute-Force
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 18:36:08.777206 2024] [security2:error] [pid 2074:tid 2074] [client 64.52.80.84:55438] [client 64.52.80.84] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dunningtons.com"] [uri "/.env"] [unique_id "Zyqr6FRVr9YPD2ycimsmrAAAAAQ"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
dtorrer
|
|
General vulnerability scan.
|
Port Scan
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 17:47:30.446684 2024] [security2:error] [pid 14349:tid 14349] [client 64.52.80.84:41246] [client 64.52.80.84] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "donutlocations.com"] [uri "/.env"] [unique_id "ZyqggrD80mpeOiM7-0qLdwAAABY"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|