TPI-Abuse
2024-09-11 02:51:26
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.235 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 172.70.34.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 10 22:51:21.482964 2024] [security2:error] [pid 20977:tid 20977] [client 172.70.34.235:15080] [client 172.70.34.235] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "365soft.top"] [uri "/config/.env"] [unique_id "ZuEFqXQJ13YT-x22mtQsTAAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-10 00:42:13
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.235 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 172.70.34.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 09 20:42:05.874571 2024] [security2:error] [pid 20607:tid 20607] [client 172.70.34.235:21462] [client 172.70.34.235] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.gibitdigital.com"] [uri "/.env.production"] [unique_id "Zt-V3RjRUouSetzI5MmPGwAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-12 06:30:16
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.235 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 172.70.34.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 12 02:30:10.741336 2024] [security2:error] [pid 16434:tid 16434] [client 172.70.34.235:18956] [client 172.70.34.235] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chefericajoy.com"] [uri "/dev/.env"] [unique_id "Zrmr8mmD9aH1gil3QGbcvgAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-11 02:26:42
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.235 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 172.70.34.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 10 22:26:37.014932 2024] [security2:error] [pid 14374:tid 14374] [client 172.70.34.235:13638] [client 172.70.34.235] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gibit.me"] [uri "/laravel/.env"] [unique_id "ZrghXSD3XzmglHcpU7OBHwAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
URAN Publishing Service
2024-08-04 17:50:23
(1 month ago)
172.70.34.235 - - [04/Aug/2024:20:50:22 +0300] "GET /wp-includes/rest-api/about.php HTTP/1.1" 404 19 ... show more 172.70.34.235 - - [04/Aug/2024:20:50:22 +0300] "GET /wp-includes/rest-api/about.php HTTP/1.1" 404 196 "-" "-"
172.70.34.235 - - [04/Aug/2024:20:50:22 +0300] "GET /wp-includes/SimplePie/about.php HTTP/1.1" 404 196 "-" "-"
... show less
Web App Attack
Anonymous
2024-06-22 01:04:31
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
Brute-Force
SSH
SSH
Anonymous
2024-06-12 06:17:53
(3 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-06-08 02:42:08
(3 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-05-13 16:33:00
(3 months ago)
"Fradulent website clone: www.osc-computer-center.edu.hpc.n-helix.com"
Spoofing
TPI-Abuse
2024-04-28 13:38:26
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.34.235 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 172.70.34.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 28 09:38:19.593159 2024] [security2:error] [pid 1868] [client 172.70.34.235:30968] [client 172.70.34.235] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eddysgroup.com"] [uri "/.env"] [unique_id "Zi5RS6IFwY5uZ67PsftffwAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-04-16 16:26:56
(4 months ago)
(mod_security) mod_security (id:210410) triggered by 172.70.34.235 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210410) triggered by 172.70.34.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 16 12:26:47.906728 2024] [security2:error] [pid 31613] [client 172.70.34.235:17092] [client 172.70.34.235] ModSecurity: Access denied with code 403 (phase 2). Found 1 byte(s) in ARGS:file outside range: 1-255. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "95"] [id "210410"] [rev "4"] [msg "COMODO WAF: Invalid character in request||barracuda.assistguide.com|F|3"] [data "ARGS:file=;echo CVE-2023-23333|rev\\x00.zip"] [severity "ERROR"] [tag "CWAF"] [tag "Protocol"] [hostname "barracuda.assistguide.com"] [uri "/downloader.php"] [unique_id "Zh6mx7vxOuscpsz5En2wZAAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-04-14 10:56:05
(4 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-04-12 05:06:21
(5 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-04-09 01:22:48
(5 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-03-25 08:15:51
(5 months ago)
Ports: *; Direction: 0; Trigger: CT_LIMIT
Brute-Force
SSH