TPI-Abuse
2024-09-08 15:25:39
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.46 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.42.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 08 11:25:31.816516 2024] [security2:error] [pid 17753:tid 17753] [client 172.70.42.46:17504] [client 172.70.42.46] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ard.global"] [uri "/.env"] [unique_id "Zt3B62bKS-DGU_ULCQ0mbwAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-08 10:38:10
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.46 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.42.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 08 06:38:05.568376 2024] [security2:error] [pid 12134:tid 12134] [client 172.70.42.46:49020] [client 172.70.42.46] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "efko.group"] [uri "/app/.env"] [unique_id "Zt1-jffNI4bn4wMz5d9m-gAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
Sefinek
2024-08-09 10:46:43
(1 month ago)
IP: 172.70.42.46
Protocol: TCP
Source port: 46064
Destination port: 443
TTL: ... show more IP: 172.70.42.46
Protocol: TCP
Source port: 46064
Destination port: 443
TTL: 47
Packet length: 40
TOS: 0x08
Timestamp: Aug 9 12:46:43 (12:46:43, 09.08.2024)
The IP address was blocked by the Uncomplicated Firewall (UFW) due to suspicious activity. Packet details suggest a possible unauthorized access or port scanning attempt. show less
Port Scan
Web App Attack
Sefinek
2024-08-08 14:43:53
(1 month ago)
IP: 172.70.42.46
Protocol: TCP
Source port: 49030
Destination port: 443
TTL: ... show more IP: 172.70.42.46
Protocol: TCP
Source port: 49030
Destination port: 443
TTL: 47
Packet length: 40
TOS: 0x08
Timestamp: Aug 8 16:43:53 (16:43:53, 08.08.2024)
The IP address was blocked by the Uncomplicated Firewall (UFW) due to suspicious activity. Packet details suggest a possible unauthorized access or port scanning attempt. show less
Port Scan
Web App Attack
TPI-Abuse
2024-05-29 14:00:44
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.46 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.42.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 29 10:00:37.978880 2024] [security2:error] [pid 26810] [client 172.70.42.46:30124] [client 172.70.42.46] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gibitdigital.com"] [uri "/.env"] [unique_id "Zlc1BSjHwmBNZd-9VEHxngAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-05-17 08:06:40
(3 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
oncord
2024-04-21 11:59:15
(4 months ago)
Form spam
Web Spam
TPI-Abuse
2024-04-17 00:26:30
(4 months ago)
(mod_security) mod_security (id:211190) triggered by 172.70.42.46 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:211190) triggered by 172.70.42.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 16 20:26:24.106566 2024] [security2:error] [pid 30227] [client 172.70.42.46:65284] [client 172.70.42.46] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||barracuda.assistguide.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /eam/vib?id=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "barracuda.assistguide.com"] [uri "/eam/vib"] [unique_id "Zh8XMO3rjxxkw3HK9H-qkgAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-04-16 17:12:45
(4 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
oncord
2024-03-17 17:53:17
(5 months ago)
Form spam
Web Spam
oncord
2024-02-23 03:36:01
(6 months ago)
Form spam
Web Spam
oncord
2024-02-05 17:05:05
(7 months ago)
Form spam
Web Spam
TPI-Abuse
2023-12-31 17:54:14
(8 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.42.46 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.42.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 31 12:54:10.858396 2023] [security2:error] [pid 27203] [client 172.70.42.46:15734] [client 172.70.42.46] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.istanbulicerik.com"] [uri "/.git/config"] [unique_id "ZZGqwknVjDTw_E0vC8gQewAAABM"] show less
Brute-Force
Bad Web Bot
Web App Attack
oncord
2023-12-14 00:24:30
(8 months ago)
Form spam
Web Spam
oncord
2023-12-07 07:27:48
(9 months ago)
Form spam
Web Spam