librebit
2025-02-03 18:20:28
(6 days ago)
Brute force
Brute-Force
Anonymous
2025-02-02 15:40:39
(1 week ago)
Fail2ban block
Brute-Force
Exploited Host
Web App Attack
URAN Publishing Service
2025-02-02 15:35:44
(1 week ago)
64.95.11.36 - - [02/Feb/2025:17:35:41 +0200] "GET /.env HTTP/1.1" 404 2873 "-" "Mozilla/5.0 (Windows ... show more 64.95.11.36 - - [02/Feb/2025:17:35:41 +0200] "GET /.env HTTP/1.1" 404 2873 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:132.0) Gecko/20100101 Firefox/132.0"
64.95.11.36 - - [02/Feb/2025:17:35:41 +0200] "GET /.env HTTP/1.1" 404 2870 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:132.0) Gecko/20100101 Firefox/132.0"
... show less
Web App Attack
Anonymous
2025-02-02 15:28:21
(1 week ago)
Http Port:80 (http_status:422) - Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:132.0) Gecko/201 ... show more Http Port:80 (http_status:422) - Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:132.0) Gecko/20100101 Firefox/132.0 show less
Web App Attack
ALPHANET
2025-02-02 15:27:57
(1 week ago)
web exploits
Hacking
Exploited Host
Web App Attack
advena
2025-02-02 15:00:59
(1 week ago)
64.95.11.36 (AS399629 BLNWX) was intercepted at 2025-02-02T14:53:45Z after violating WAF directive: ... show more 64.95.11.36 (AS399629 BLNWX) was intercepted at 2025-02-02T14:53:45Z after violating WAF directive: 23548ee2b36547a1be09bb2c0550c529. Pre-cautionary/corrective action applied: block. show less
Web Spam
Hacking
Brute-Force
Web App Attack
Jim Keir
2025-02-02 14:34:35
(1 week ago)
2025-02-02 14:34:34 64.95.11.36 File scanning, blocking 64.95.11.36 for 5 minutes
2025-02-02 1 ... show more 2025-02-02 14:34:34 64.95.11.36 File scanning, blocking 64.95.11.36 for 5 minutes
2025-02-02 14:34:34 64.95.11.36 File scanning, blocking 64.95.11.36 for 5 minutes show less
Web App Attack
TPI-Abuse
2025-02-02 12:58:45
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 64.95.11.36 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 64.95.11.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 02 07:58:41.818416 2025] [security2:error] [pid 3698250:tid 3698250] [client 64.95.11.36:59126] [client 64.95.11.36] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "triumphantreentry.org"] [uri "/.env"] [unique_id "Z59sAQaaJu0xc6U3X3JF_wAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
Bedios GmbH
2025-02-02 12:04:12
(1 week ago)
Login credentials theft attempt
Hacking
ecodehost.com
2025-02-02 11:31:28
(1 week ago)
Domain : topconmk.com
Rule : env
2025-02-02 11:29:54 10.100.1.20 GET /.env - 443 - 64.95 ... show more Domain : topconmk.com
Rule : env
2025-02-02 11:29:54 10.100.1.20 GET /.env - 443 - 64.95.11.36 HTTP/1.1 Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:132.0) Gecko/20100101 Firefox/132.0 - topconmk.com 404 0 2 1384 205 3472 - - show less
Hacking
SQL Injection
✨
2025-02-02 11:15:02
(1 week ago)
Domain : todoparatuboda.com
Rule : env
2025-02-02 11:14:06 152.53.103.155 GET /.env - 44 ... show more Domain : todoparatuboda.com
Rule : env
2025-02-02 11:14:06 152.53.103.155 GET /.env - 443 - 172.71.174.6 HTTP/2 Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:132.0) Gecko/20100101 Firefox/132.0 - todoparatuboda.com 200 0 0 5738 389 1313 - 64.95.11.36 show less
Hacking
SQL Injection
TPI-Abuse
2025-02-02 09:54:30
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 64.95.11.36 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 64.95.11.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 02 04:54:26.946466 2025] [security2:error] [pid 28630:tid 28630] [client 64.95.11.36:40118] [client 64.95.11.36] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thorhauer.com"] [uri "/.env"] [unique_id "Z59A0l-p3lUBOlFNn6YWqgAAADU"] show less
Brute-Force
Bad Web Bot
Web App Attack
Aetherweb Ark
2025-02-02 09:47:16
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 64.95.11.36 (US/United States/-): N in the last ... show more (mod_security) mod_security (id:210492) triggered by 64.95.11.36 (US/United States/-): N in the last X secs show less
Web App Attack
tecnicorioja
2025-02-01 23:01:16
(1 week ago)
(Mod_security) [01/Feb/2025:14:11:33.620676
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-02-01 14:29:56
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 64.95.11.36 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 64.95.11.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 01 09:29:52.889761 2025] [security2:error] [pid 15929:tid 15955] [client 64.95.11.36:52520] [client 64.95.11.36] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thecraftsycat.com"] [uri "/.env"] [unique_id "Z54v4LpSzMtdYo50KOq0egAAAFg"] show less
Brute-Force
Bad Web Bot
Web App Attack