sid3windr
2024-06-03 16:05:53
(5 months ago)
GET /.env (Tarpitted for 14h30m2s, wasted 2.99MB)
Web App Attack
sid3windr
2024-06-03 16:05:52
(5 months ago)
GET /.env (Tarpitted for 14h30m2s, wasted 2.99MB)
Web App Attack
BlueWire Hosting
2024-06-03 14:10:03
(5 months ago)
Scanning for Laravel vulnerabilities
Web App Attack
cmbplf
2024-06-03 09:37:45
(5 months ago)
107 requests to *.env
Brute-Force
Bad Web Bot
dtorrer
2024-06-03 05:53:32
(5 months ago)
General vulnerability scan.
Port Scan
ozisp.com.au
2024-06-03 05:19:58
(5 months ago)
BG__<33>1717391997 [1:2031502:4] ET INFO Request to Hidden Environment File - Inbound [Classificatio ... show more BG__<33>1717391997 [1:2031502:4] ET INFO Request to Hidden Environment File - Inbound [Classification: Misc activity] [Priority: 3] {TCP} 94.156.65.185:55378 show less
Hacking
10dencehispahard SL
2024-06-03 05:04:26
(5 months ago)
Suspicious activity detected by Modsecurity [Suspicious IP found on 8 endpoints 8 hits. Reincident b ... show more Suspicious activity detected by Modsecurity [Suspicious IP found on 8 endpoints 8 hits. Reincident by 0. Rules:] show less
Web App Attack
TPI-Abuse
2024-06-02 18:58:23
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 94.156.65.185 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 94.156.65.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 02 14:58:18.950928 2024] [security2:error] [pid 1201] [client 94.156.65.185:53469] [client 94.156.65.185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "oxfordgrpco.com"] [uri "/.env"] [unique_id "ZlzAykPUvGZjYUpvoFWF6gAAABs"] show less
Brute-Force
Bad Web Bot
Web App Attack
Honeypot-EU-Fru
2024-06-02 14:09:29
(5 months ago)
94.156.65.185 - - [02/Jun/2024:16:09:27 +0200] "GET /.env HTTP/1.1" 404 188 "-" "Mozilla/5.0 (X11; L ... show more 94.156.65.185 - - [02/Jun/2024:16:09:27 +0200] "GET /.env HTTP/1.1" 404 188 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
94.156.65.18
... show less
Bad Web Bot
Web App Attack
Honeypot-EU-Fru
2024-06-02 12:01:06
(5 months ago)
94.156.65.185 - - [02/Jun/2024:14:01:02 +0200] "GET /.env HTTP/1.1" 404 188 "-" "Mozilla/5.0 (X11; L ... show more 94.156.65.185 - - [02/Jun/2024:14:01:02 +0200] "GET /.env HTTP/1.1" 404 188 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
94.156.65.18
... show less
Bad Web Bot
Web App Attack
ANTI SCANNER
2024-06-02 07:09:17
(5 months ago)
Scanner : /.env
Web Spam
Bedios GmbH
2024-06-02 06:40:18
(5 months ago)
Login credentials theft attempt
Hacking
Mr-Money
2024-06-02 00:27:31
(5 months ago)
94.156.65.185 - - [02/Jun/2024:02:27:30 +0200] "GET /.env HTTP/1.1" 404 461 "-" "Mozilla/5.0 (X11; L ... show more 94.156.65.185 - - [02/Jun/2024:02:27:30 +0200] "GET /.env HTTP/1.1" 404 461 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
... show less
Hacking
SQL Injection
Bad Web Bot
Exploited Host
Web App Attack
ParaBug
2024-06-01 05:37:01
(5 months ago)
94.156.65.185 - - [01/Jun/2024:07:37:00 +0200] "GET /.env HTTP/1.1" 403 400 "-" "Mozilla/5.0 (X11; L ... show more 94.156.65.185 - - [01/Jun/2024:07:37:00 +0200] "GET /.env HTTP/1.1" 403 400 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
... show less
Phishing
Brute-Force
Web App Attack
TPI-Abuse
2024-06-01 04:46:21
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 94.156.65.185 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 94.156.65.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 01 00:46:17.502175 2024] [security2:error] [pid 14232] [client 94.156.65.185:52368] [client 94.156.65.185] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bernescobar.com"] [uri "/.env"] [unique_id "Zlqnme5zeUx9Vj93yvMUQgAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack