URAN Publishing Service
2024-11-05 22:38:21
(2 months ago)
64.52.80.84 - - [06/Nov/2024:00:38:05 +0200] "GET /.env HTTP/1.1" 404 2875 "-" "Mozilla/5.0 (X11; Li ... show more 64.52.80.84 - - [06/Nov/2024:00:38:05 +0200] "GET /.env HTTP/1.1" 404 2875 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
64.52.80.84 - - [06/Nov/2024:00:38:20 +0200] "GET /.env HTTP/1.1" 404 2851 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
... show less
Web App Attack
MPL
2024-11-05 21:49:08
(2 months ago)
tcp/443 (3 or more attempts)
Port Scan
Aetherweb Ark
2024-11-05 21:26:50
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (US/United States/-): N in the last ... show more (mod_security) mod_security (id:210492) triggered by 64.52.80.84 (US/United States/-): N in the last X secs show less
Web App Attack
Anonymous
2024-11-05 21:22:03
(2 months ago)
Malicious activity detected
Hacking
Web App Attack
Mr-Money
2024-11-05 21:19:38
(2 months ago)
64.52.80.84 - - [05/Nov/2024:22:19:37 +0100] "GET /.env HTTP/1.1" 404 8949 "-" "Mozilla/5.0 (X11; Li ... show more 64.52.80.84 - - [05/Nov/2024:22:19:37 +0100] "GET /.env HTTP/1.1" 404 8949 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
... show less
Hacking
SQL Injection
Bad Web Bot
Exploited Host
Web App Attack
TPI-Abuse
2024-11-05 21:14:15
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 16:14:08.639022 2024] [security2:error] [pid 8835:tid 8940] [client 64.52.80.84:57194] [client 64.52.80.84] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dev.joeandlane.com"] [uri "/.env"] [unique_id "ZyqKoHbHDaJ8-bIvJ0XFhgAAAFA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-05 20:49:47
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 15:49:41.507278 2024] [security2:error] [pid 30453:tid 30453] [client 64.52.80.84:51930] [client 64.52.80.84] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "designersdock.com"] [uri "/.env"] [unique_id "ZyqE5S8nvn3vJH64pwA2QwAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
polycoda
2024-11-05 20:48:30
(2 months ago)
⌨️ Probes for /.env everywhere
Hacking
Web App Attack
Anonymous
2024-11-05 20:45:34
(2 months ago)
Bot / scanning and/or hacking attempts: GET /.env HTTP/1.1, POST / HTTP/1.1
Hacking
Web App Attack
Interceptor_HQ
2024-11-05 20:10:09
(2 months ago)
request_uri: /.env -- automatic report --
Hacking
Brute-Force
Database.red
2024-11-05 19:45:50
(2 months ago)
[2024-11-05 14:45:50] Exploit probing - /.env
Hacking
Brute-Force
Web App Attack
TPI-Abuse
2024-11-05 19:39:37
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 14:39:29.819221 2024] [security2:error] [pid 32668:tid 32668] [client 64.52.80.84:33590] [client 64.52.80.84] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dartylife.com"] [uri "/.env"] [unique_id "Zyp0cROqHZWb0qyvPvE6TAAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-05 19:39:00
(2 months ago)
/.env
Hacking
Brute-Force
Web App Attack
TPI-Abuse
2024-11-05 19:18:16
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 64.52.80.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 14:18:11.489001 2024] [security2:error] [pid 5105:tid 5105] [client 64.52.80.84:55700] [client 64.52.80.84] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cyqci.eu"] [uri "/.env"] [unique_id "Zypvc1vM7jI-CPHIf-BWFgAAABo"] show less
Brute-Force
Bad Web Bot
Web App Attack
axllent
2024-11-05 19:11:13
(2 months ago)
Scanning for exploits - /.env
Web App Attack