simpeg-adm.bandung.go.id
2024-12-16 00:04:47
(4 weeks ago)
86.104.252.41 - - [16/Dec/2024:00:04:46 +0000] "GET /.env.old HTTP/1.1" 404 133 "-" "Mozilla/5.0 (Ma ... show more 86.104.252.41 - - [16/Dec/2024:00:04:46 +0000] "GET /.env.old HTTP/1.1" 404 133 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
86.104.252.41 - - [16/Dec/2024:00:04:46 +0000] "POST /.env.old HTTP/1.1" 404 133 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
86.104.252.41 - - [16/Dec/2024:00:04:46 +0000] "GET /.env.production.local HTTP/1.1" 404 133 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
... show less
Web Spam
Brute-Force
Web App Attack
kumiko
2024-12-15 10:57:19
(4 weeks ago)
[2024-12-15 10:57:18] Unauthorized port scan/probing (3 times on ports 81, 3000, 5000) Blocked by U ... show more [2024-12-15 10:57:18] Unauthorized port scan/probing (3 times on ports 81, 3000, 5000) Blocked by UFW show less
Port Scan
nextweb
2024-12-15 06:36:54
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 86.104.252.41 (FR/France/North/Marly/rack-32.fh ... show more (mod_security) mod_security (id:210492) triggered by 86.104.252.41 (FR/France/North/Marly/rack-32.fhnet.fr/[AS197922 Techcrea Solutions SAS]): 5 in the last 3600 secs (CF_ENABLE) show less
Brute-Force
yvoictra
2024-12-14 15:51:57
(1 month ago)
86.104.252.41 - - [14/Dec/2024:16:51:53 +0100] "GET /.git/config HTTP/1.1" 404 134 "-" "python-reque ... show more 86.104.252.41 - - [14/Dec/2024:16:51:53 +0100] "GET /.git/config HTTP/1.1" 404 134 "-" "python-requests/2.28.1"
86.104.252.41 - - [14/Dec/2024:16:51:53 +0100] "GET /.env.production HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
86.104.252.41 - - [14/Dec/2024:16:51:53 +0100] "POST /.env.production HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
86.104.252.41 - - [14/Dec/2024:16:51:56 +0100] "GET /cp/.env HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
86.104.252.41 - - [14/Dec/2024:16:51:56 +0100] "POST /cp/.env HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
... show less
Brute-Force
Web App Attack
RCS
2024-12-14 02:01:31
(1 month ago)
fail2ban apache-modsecurity
...
Bad Web Bot
Web App Attack
mw
2024-12-13 18:58:55
(1 month ago)
86.104.252.41 - - [13/Dec/2024:12:58:54 -0600] "GET /.git/config HTTP/1.1" 404 136 "-" "python-reque ... show more 86.104.252.41 - - [13/Dec/2024:12:58:54 -0600] "GET /.git/config HTTP/1.1" 404 136 "-" "python-requests/2.28.1"
86.104.252.41 - - [13/Dec/2024:12:58:54 -0600] "GET /.env.production HTTP/1.1" 404 136 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
86.104.252.41 - - [13/Dec/2024:12:58:54 -0600] "POST /.env.production HTTP/1.1" 404 136 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
86.104.252.41 - - [13/Dec/2024:12:58:54 -0600] "GET /cp/.env HTTP/1.1" 404 136 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
86.104.252.41 - - [13/Dec/2024:12:58:54 -0600] "POST /cp/.env HTTP/1.1" 404 136 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
... show less
Bad Web Bot
Web App Attack
kumiko
2024-12-13 17:30:30
(1 month ago)
[2024-12-13 17:30:29] Probing for dotfiles
"GET /.git/config HTTP/1.1" 403
Bad Web Bot
Web App Attack
Hydra-Shield.fr
2024-12-13 16:11:38
(1 month ago)
Directory Traversal on: /.env.bak
Web App Attack
PlexLads
2024-12-13 14:41:53
(1 month ago)
86.104.252.41 - - [13/Dec/2024:06:41:50 -0800] "GET /.env.old HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Ma ... show more 86.104.252.41 - - [13/Dec/2024:06:41:50 -0800] "GET /.env.old HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 86.104.252.41 - - [13/Dec/2024:06:41:50 -0800] "POST /.env.old HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 86.104.252.41 - - [13/Dec/2024:06:41:51 -0800] "GET /.env.production.local HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 86.104.252.41 - - [13/Dec/2024:06:41:51 -0800] "POST /.env.production.local HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 86.104.252.41 - - [13/Dec/2024:06:41:51 -0800] "GET /.env.development HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0" 86.104.252.41 - - [13/Dec/2024:06:41:52 -0800] "POST /.env.development HTTP/1.1" 404 397 "-" "Mozilla/5.0 (Macintosh; I
... show less
Hacking
Web App Attack
Anonymous
2024-12-13 09:14:54
(1 month ago)
[Fri Dec 13 04:14:52.399524 2024] [proxy_fcgi:error] [pid 2310953:tid 2310953] [client 86.104.252.41 ... show more [Fri Dec 13 04:14:52.399524 2024] [proxy_fcgi:error] [pid 2310953:tid 2310953] [client 86.104.252.41:61081] AH01071: Got error 'Primary script unknown'
[Fri Dec 13 04:14:53.227004 2024] [proxy_fcgi:error] [pid 2310961:tid 2310961] [client 86.104.252.41:53153] AH01071: Got error 'Primary script unknown'
[Fri Dec 13 04:14:53.629674 2024] [proxy_fcgi:error] [pid 2310933:tid 2310933] [client 86.104.252.41:62282] AH01071: Got error 'Primary script unknown'
... show less
Web App Attack
gu-alvareza
2024-12-13 07:05:21
(1 month ago)
AndroxGh0st.Malware
Hacking
Exploited Host
saloniamatteo
2024-12-13 06:42:39
(1 month ago)
86.104.252.41 - - [13/Dec/2024:07:42:34 +0100] "GET /.env.bak HTTP/1.1" 403 HOST "salonia.it" REF "- ... show more 86.104.252.41 - - [13/Dec/2024:07:42:34 +0100] "GET /.env.bak HTTP/1.1" 403 HOST "salonia.it" REF "-" UA "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" gz% "-"
86.104.252.41 - - [13/Dec/2024:07:42:35 +0100] "GET /.env HTTP/1.1" 403 HOST "salonia.it" REF "-" UA "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" gz% "-"
86.104.252.41 - - [13/Dec/2024:07:42:38 +0100] "GET /.env.dist HTTP/1.1" 403 HOST "salonia.it" REF "-" UA "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" gz% "-"
... show less
Brute-Force
Exploited Host
Web App Attack
LRNP
2024-12-13 04:55:09
(1 month ago)
_:80 86.104.252.41 - - [13/Dec/2024:04:55:08 +0000] "GET /.git/config HTTP/1.1" 404 118 "-" "python- ... show more _:80 86.104.252.41 - - [13/Dec/2024:04:55:08 +0000] "GET /.git/config HTTP/1.1" 404 118 "-" "python-requests/2.28.1"
_:80 86.104.252.41 - - [13/Dec/2024:04:55:08 +0000] "GET /.env.production HTTP/1.1" 404 118 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
_:80 86.104.252.41 - - [13/Dec/2024:04:55:08 +0000] "POST /.env.production HTTP/1.1" 404 118 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
_:80 86.104.252.41 - - [13/Dec/2024:04:55:08 +0000] "GET /cp/.env HTTP/1.1" 404 118 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
_:80 86.104.252.41 - - [13/Dec/2024:04:55:08 +0000] "POST /cp/.env HTTP/1.1" 404 118 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"
_:80 86.104.252.41 - - [13/Dec/2024:04:55:08 +0000] "GET /development/.env HTTP/1.1" 404 118 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firef
... show less
Bad Web Bot
Web App Attack
alliance
2024-12-13 03:07:49
(1 month ago)
13.12.2024 03:07:48 Git repository scan (/.git)
Hacking
Web App Attack
Anonymous
2024-12-13 02:55:45
(1 month ago)
$f2bV_matches
Brute-Force
Web App Attack