πΊπ¦
URAN Publishing Service
2024-08-29 18:09:28
(1 year ago)
172.70.110.240 - - [29/Aug/2024:21:09:22 +0300] "GET /wp-admin/1.php HTTP/1.1" 404 280 "-" "Mozilla/ ...
show more
172.70.110.240 - - [29/Aug/2024:21:09:22 +0300] "GET /wp-admin/1.php HTTP/1.1" 404 280 "-" "Mozilla/5.0 (X11; Ubuntu; Linux i686; rv:79.0) Gecko/20100101 Firefox/79.0"
172.70.110.240 - - [29/Aug/2024:21:09:27 +0300] "GET /cgi-bin/inputs.php HTTP/1.1" 404 499 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0"
...
show less
Web App Attack
π©πͺ
Hydra-Shield.fr
2024-08-16 03:57:52
(1 year ago)
Directory Traversal on: /.env
Web App Attack
π΅π±
sefinek.net
2024-08-09 04:14:52
(1 year ago)
IP: 172.70.110.240
Protocol: TCP
Source port: 57166
Destination port: 443
TTL: 47
Packet length: 40
...
show more
IP: 172.70.110.240
Protocol: TCP
Source port: 57166
Destination port: 443
TTL: 47
Packet length: 40
TOS: 0x00
Timestamp: Aug 9 06:14:52 (06:14:52, 09.08.2024)
The IP address was blocked by the Uncomplicated Firewall (UFW) due to suspicious activity. Packet details suggest a possible unauthorized access or port scanning attempt.
show less
Port Scan
Web App Attack
π©πͺ
Hydra-Shield.fr
2024-08-05 02:07:40
(1 year ago)
Directory Traversal on: /.vscode/sftp.json
Web App Attack
Anonymous
2024-07-29 07:31:52
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2024-07-14 04:49:45
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 172.70.110.240 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.110.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 14 00:49:34.469239 2024] [security2:error] [pid 21680] [client 172.70.110.240:52554] [client 172.70.110.240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.aaaansweringservice.com"] [uri "/api/.env"] [unique_id "ZpNY3k_0YnEdnC_bj6x3LwAAACA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-07-12 05:38:55
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2024-06-06 09:33:21
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 172.70.110.240 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.110.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 06 05:33:15.344389 2024] [security2:error] [pid 5885] [client 172.70.110.240:56182] [client 172.70.110.240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.webuildbeaches.com"] [uri "/app/.git/config"] [unique_id "ZmGCW_VJwVhSLeMzDahbQgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2024-06-03 22:08:36
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 172.70.110.240 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.110.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 03 18:08:33.424096 2024] [security2:error] [pid 16470] [client 172.70.110.240:48726] [client 172.70.110.240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.colonybet.com"] [uri "/api/.git/config"] [unique_id "Zl4-4d_lg1d50hE7FA7XSwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-04-29 00:47:23
(2 years ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-04-20 01:41:29
(2 years ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2024-04-19 13:15:57
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 172.70.110.240 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.110.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 19 09:15:51.134673 2024] [security2:error] [pid 23087] [client 172.70.110.240:35094] [client 172.70.110.240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pixacast.com"] [uri "/.git/config"] [unique_id "ZiJuh6g-K8Mw82f2njRMLAAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-04-17 10:16:55
(2 years ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2024-02-26 22:23:46
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 172.70.110.240 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.110.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 26 17:23:42.076835 2024] [security2:error] [pid 26354] [client 172.70.110.240:57440] [client 172.70.110.240] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "globetechsecurities.com"] [uri "/.env"] [unique_id "Zd0PbvcdFP5eXLyGZNWJ6AAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-02-19 15:52:21
(2 years ago)
[Mon Feb 19 16:52:20.496900 2024] [authz_core:error] [pid 12600] [client 172.70.110.240:57650] AH016 ...
show more
[Mon Feb 19 16:52:20.496900 2024] [authz_core:error] [pid 12600] [client 172.70.110.240:57650] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Mon Feb 19 16:52:20.821049 2024] [authz_core:error] [pid 12600] [client 172.70.110.240:57650] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Mon Feb 19 16:52:21.147046 2024] [authz_core:error] [pid 12600] [client 172.70.110.240:57650] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack