rtbh.com.tr
2024-08-23 08:55:23
(2 weeks ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
Anonymous
2024-08-23 05:07:15
(2 weeks ago)
[Fri Aug 23 01:07:14.408934 2024] [:error] [pid 4378] [client 85.239.246.128] ModSecurity: Access de ... show more [Fri Aug 23 01:07:14.408934 2024] [:error] [pid 4378] [client 85.239.246.128] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "[mungedIP2]"] [uri "/.env"] [unique_id "ZsgZAn8AAAEAABEaQhwAAAAC"]
[Fri Aug 23 01:07:14.493279 2024] [:error] [pid 4376] [client 85.239.246.128] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generi show less
Bad Web Bot
Web App Attack
ozisp.com.au
2024-08-22 11:05:39
(2 weeks ago)
CZ__<33>1724324737 [1:2031502:4] ET INFO Request to Hidden Environment File - Inbound [Classificatio ... show more CZ__<33>1724324737 [1:2031502:4] ET INFO Request to Hidden Environment File - Inbound [Classification: Misc activity] [Priority: 3] {TCP} 85.239.246.128:53277 show less
Hacking
Anonymous
2024-08-22 07:05:09
(2 weeks ago)
(mod_security) mod_security triggered on hostname [redacted] 85.239.246.128 (US/United States/vmi203 ... show more (mod_security) mod_security triggered on hostname [redacted] 85.239.246.128 (US/United States/vmi2037124.contaboserver.net) show less
SQL Injection
CollideTech
2024-08-21 17:32:11
(2 weeks ago)
Probing wordpress site
Web App Attack
Ivo Vynckier
2024-08-21 17:12:00
(2 weeks ago)
85.239.246.128 - - [21/Aug/2024:16:28:39 +0200] "GET /.env HTTP/1.1" 403 117 "-" "python-requests/2. ... show more 85.239.246.128 - - [21/Aug/2024:16:28:39 +0200] "GET /.env HTTP/1.1" 403 117 "-" "python-requests/2.32.3" show less
Hacking
Hydra-Shield.fr
2024-08-21 15:23:48
(2 weeks ago)
Directory Traversal on: /.env
Web App Attack
geot
2024-08-21 13:40:34
(2 weeks ago)
GET /.env HTTP/1.1
POST / HTTP/1.1
Port Scan
Hacking
Web App Attack
Anonymous
2024-08-21 10:52:13
(2 weeks ago)
Aggressive web scan
Web App Attack
cmbplf
2024-08-20 20:24:35
(2 weeks ago)
294 requests to *.env
Brute-Force
Bad Web Bot
✨
2024-08-20 20:19:02
(2 weeks ago)
Domain : subastame.net
Rule : env
2024-08-20 20:17:56 ***hidden-privacy*** GET /.env - 8 ... show more Domain : subastame.net
Rule : env
2024-08-20 20:17:56 ***hidden-privacy*** GET /.env - 80 - 172.69.59.188 HTTP/1.1 python-requests/2.32.3 - subastame.net 200 0 0 6124 338 1809 - 85.239.246.128 show less
Hacking
SQL Injection
Ba-Yu
2024-08-20 18:20:40
(2 weeks ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
sid3windr
2024-08-19 16:35:04
(2 weeks ago)
GET /.env (Tarpitted for 1d20h3m14s, wasted 9.07MB)
Web App Attack
Anonymous
2024-08-19 04:00:37
(2 weeks ago)
GET /.env
Web App Attack
MogBox
2024-08-18 11:18:14
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 85.239.246.128 (US/United States/vmi2037124.con ... show more (mod_security) mod_security (id:210492) triggered by 85.239.246.128 (US/United States/vmi2037124.contaboserver.net): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Sun Aug 18 07:18:10.429598 2024] [security2:error] [pid 2117792:tid 2117845] [client 85.239.246.128:63523] [client 85.239.246.128] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "67.225.186.60"] [uri "/.env"] [unique_id "ZsHYcnsLqNJJnfCVDvesEAAAABU"] show less
Hacking