Savvii
2024-11-09 00:12:05
(2 months ago)
21 attempts against mh-misbehave-ban on cedar
Brute-Force
Bad Web Bot
Web App Attack
Hirte
2024-11-08 21:04:41
(2 months ago)
MYH: Web Attack GET /admin/.env%20
Web Spam
Hacking
Bad Web Bot
Web App Attack
Rosh
2024-11-08 20:49:04
(2 months ago)
[11/08/24 21:49:04] 1 attack: /vendor/.env%20 (severity 2);
Web App Attack
Savvii
2024-11-08 20:17:53
(2 months ago)
21 attempts against mh-misbehave-ban on grain
Brute-Force
Bad Web Bot
Web App Attack
el-brujo
2024-11-08 19:50:46
(2 months ago)
Cloudflare WAF: Request Path: /webs/.env Request Query: Host: warzone.elhacker.net userAgent: Mozil ... show more Cloudflare WAF: Request Path: /webs/.env Request Query: Host: warzone.elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36 Action: block Source: firewallManaged ASN Description: TECHCREA-SOLUTIONS Country: FR Method: GET Timestamp: 2024-11-08T19:50:46Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less
Hacking
SQL Injection
Web App Attack
subnetprotocol
2024-11-08 18:06:59
(2 months ago)
08/Nov/2024:19:06:55.992956 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client ... show more 08/Nov/2024:19:06:55.992956 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 91.236.254.83] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.env found within REQUEST_FILENAME: /.env"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.7"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "mignonne.com"] [uri "/.env"] [unique_id "Zy5TP-reV69Yfw3m6ge7tAAAA9I"]
08/Nov/2024:19:06:56.299527 +0100Apache-Error: [file "apache2_util.c"] [line 275] [level 3] [client 91.236.254.83] ModSecurity: Warning. Matched phrase "/.env" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-930-APPLICATION-ATTAC
... show less
Hacking
Web App Attack
penjaga BRIN
2024-11-08 17:14:04
(2 months ago)
nginx-alfa-95
Web App Attack
URAN Publishing Service
2024-11-08 16:22:05
(2 months ago)
91.236.254.83 - - [08/Nov/2024:18:21:59 +0200] "GET /.env HTTP/1.1" 404 276 "-" "Mozilla/5.0 (Macint ... show more 91.236.254.83 - - [08/Nov/2024:18:21:59 +0200] "GET /.env HTTP/1.1" 404 276 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36"
91.236.254.83 - - [08/Nov/2024:18:22:03 +0200] "GET /.env HTTP/1.1" 404 276 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.85 Safari/537.36"
... show less
Web App Attack
TPI-Abuse
2024-11-08 15:59:10
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 91.236.254.83 (srv392.firstheberg.net): 1 in th ... show more (mod_security) mod_security (id:210492) triggered by 91.236.254.83 (srv392.firstheberg.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 08 10:59:06.685095 2024] [security2:error] [pid 29181:tid 29181] [client 91.236.254.83:7073] [client 91.236.254.83] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.twccsolutions.com"] [uri "/.env"] [unique_id "Zy41Sj_45x23zRnfRT7TQAAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
cmbplf
2024-11-08 15:37:55
(2 months ago)
379 requests to *.env
Brute-Force
Bad Web Bot
Anonymous
2024-11-08 14:31:44
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-11-08 14:02:26
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_MODSEC
Brute-Force
SSH