openstrike.co.uk
2024-11-09 06:12:38
(2 months ago)
49 attacks on env grabbing URLs:
GET /asset/.env HTTP/1.1
Hacking
london2038.com
2024-11-09 06:09:29
(2 months ago)
Probing for exploits
91.236.254.83 - - [09/Nov/2024:07:09:28 +0100] "GET /.env HTTP/1.1" 422 0 ... show more Probing for exploits
91.236.254.83 - - [09/Nov/2024:07:09:28 +0100] "GET /.env HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36"
91.236.254.83 - - [09/Nov/2024:07:09:28 +0100] "GET /.env HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36" show less
Hacking
Web App Attack
Savvii
2024-11-09 06:03:32
(2 months ago)
20 attempts against mh-misbehave-ban on lead
Brute-Force
Bad Web Bot
Web App Attack
sms.ru
2024-11-09 05:51:15
(2 months ago)
/vendor/.env%20
Web App Attack
el-brujo
2024-11-09 05:18:28
(2 months ago)
Cloudflare WAF: Request Path: /asset/.env Request Query: Host: elhacker.net userAgent: Mozilla/5.0 ... show more Cloudflare WAF: Request Path: /asset/.env Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36 Action: block Source: firewallManaged ASN Description: TECHCREA-SOLUTIONS Country: FR Method: GET Timestamp: 2024-11-09T05:18:28Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less
Hacking
SQL Injection
Web App Attack
Incidents Response Neptus Team
2024-11-09 05:13:00
(2 months ago)
Report Abuse IP
Hacking
Exploited Host
Web App Attack
Incidents Response Neptus Team
2024-11-09 05:13:00
(2 months ago)
Report Abuse IP
Hacking
Exploited Host
Web App Attack
subnetprotocol
2024-11-09 04:17:53
(2 months ago)
09/Nov/2024:05:17:49.944363 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client ... show more 09/Nov/2024:05:17:49.944363 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 91.236.254.83] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.env found within REQUEST_FILENAME: /.env"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.7"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "www.mignonne.com"] [uri "/.env"] [unique_id "Zy7ibetdKyI8pZglQ8-kTgAAA0I"]
09/Nov/2024:05:17:50.244686 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 91.236.254.83] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-930-APPLICATION-A
... show less
Hacking
Web App Attack
URAN Publishing Service
2024-11-09 03:40:53
(2 months ago)
91.236.254.83 - - [09/Nov/2024:05:40:52 +0200] "GET /.env HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Macint ... show more 91.236.254.83 - - [09/Nov/2024:05:40:52 +0200] "GET /.env HTTP/1.1" 404 283 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36"
... show less
Web App Attack
quicksand
2024-11-09 03:21:50
(2 months ago)
Malicious URI path [GET /.env] [Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 ( ... show more Malicious URI path [GET /.env] [Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36] show less
Bad Web Bot
Web App Attack
Anonymous
2024-11-09 03:16:13
(2 months ago)
(mod_security) mod_security triggered on hostname [redacted])
SQL Injection
Savvii
2024-11-09 02:25:08
(2 months ago)
20 attempts against mh-misbehave-ban on taro
Brute-Force
Bad Web Bot
Web App Attack
TheMadBeaker
2024-11-09 01:53:37
(2 months ago)
Fail2Ban Ban Triggered
HTTP Exploit Attempt
Brute-Force
Web App Attack
rafamiga
2024-11-09 01:52:00
(2 months ago)
91.236.254.83:35752 [09/Nov/2024:01:52:29.864] in~~ sp/<NOSRV> 0/-1/-1/-1/0 404 182 PR 50/50/0/0/0 { ... show more 91.236.254.83:35752 [09/Nov/2024:01:52:29.864] in~~ sp/<NOSRV> 0/-1/-1/-1/0 404 182 PR 50/50/0/0/0 {FR|*.pl||Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36} "GET https://*.pl/vendor/.env%20 HTTP/2.0"
91.236.254.83:39450 [09/Nov/2024:01:52:31.630] in~~ sp/<NOSRV> 0/-1/-1/-1/0 404 182 PR 52/52/0/0/0 {FR|*.pl||Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36} "GET https://*.pl/lib/.env%20 HTTP/2.0"
91.236.254.83:41300 [09/Nov/2024:01:52:31.904] in~~ sp/<NOSRV> 0/-1/-1/-1/0 404 182 PR 53/53/0/0/0 {FR|*.pl||Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36} "GET https://*.pl/lab/.env%20%20 HTTP/2.0" show less
Port Scan
Brute-Force
Savvii
2024-11-09 00:56:26
(2 months ago)
21 attempts against mh-misbehave-ban on pine
Brute-Force
Bad Web Bot
Web App Attack