Anonymous
2024-09-06 02:13:47
(4 days ago)
Excessive crawling/scraping
Hacking
Brute-Force
Anonymous
2024-09-04 03:28:00
(5 days ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-09-03 02:07:56
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-09-01 02:08:07
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-08-30 00:05:26
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-08-21 21:05:03
(2 weeks ago)
| CMS (WordPress or Joomla) brute force attempt 10 times (rewritten)
Hacking
SQL Injection
Web App Attack
TPI-Abuse
2024-08-18 05:18:13
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 18 01:18:06.739887 2024] [security2:error] [pid 18766:tid 18766] [client 172.70.47.52:28148] [client 172.70.47.52] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "archive.yggdrasil.org"] [uri "/.env"] [unique_id "ZsGEDlwIUjNHyoJ7ytoLRwAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-18 04:52:47
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 18 00:52:39.594389 2024] [security2:error] [pid 26846:tid 26846] [client 172.70.47.52:10100] [client 172.70.47.52] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "samosbet.com"] [uri "/.git/config"] [unique_id "ZsF-F3pIKJEaEmw-oB0UEgAAAAM"], referer: http://samosbet.com:8080/.git/config show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-13 06:13:46
(3 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-08-11 22:17:36
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 11 18:17:28.701324 2024] [security2:error] [pid 19172:tid 19189] [client 172.70.47.52:27478] [client 172.70.47.52] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.fandgins.com"] [uri "/.git/config"] [unique_id "Zrk4eK0zDaEtJB_1rybTrAAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-11 09:28:59
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 11 05:28:55.498195 2024] [security2:error] [pid 20995:tid 20995] [client 172.70.47.52:35060] [client 172.70.47.52] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "365soft.top"] [uri "/.env"] [unique_id "ZriEV7iVniNatiD0giQvhQAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-10 15:56:48
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 10 11:56:45.350019 2024] [security2:error] [pid 14152:tid 14152] [client 172.70.47.52:31298] [client 172.70.47.52] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.upskirtcrazy.com"] [uri "/.env"] [unique_id "ZreNvfHzAH9swejzL5gnOgAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-06 04:04:43
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-08-02 11:13:21
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Hydra-Shield.fr
2024-07-30 02:25:13
(1 month ago)
Directory Traversal on: /.env
Web App Attack