Anonymous
2024-08-30 00:05:26
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-08-21 21:05:03
(1 month ago)
| CMS (WordPress or Joomla) brute force attempt 10 times (rewritten)
Hacking
SQL Injection
Web App Attack
TPI-Abuse
2024-08-18 05:18:13
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 18 01:18:06.739887 2024] [security2:error] [pid 18766:tid 18766] [client 172.70.47.52:28148] [client 172.70.47.52] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "archive.yggdrasil.org"] [uri "/.env"] [unique_id "ZsGEDlwIUjNHyoJ7ytoLRwAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-18 04:52:47
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 18 00:52:39.594389 2024] [security2:error] [pid 26846:tid 26846] [client 172.70.47.52:10100] [client 172.70.47.52] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "samosbet.com"] [uri "/.git/config"] [unique_id "ZsF-F3pIKJEaEmw-oB0UEgAAAAM"], referer: http://samosbet.com:8080/.git/config show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-13 06:13:46
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-08-11 22:17:36
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 11 18:17:28.701324 2024] [security2:error] [pid 19172:tid 19189] [client 172.70.47.52:27478] [client 172.70.47.52] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.fandgins.com"] [uri "/.git/config"] [unique_id "Zrk4eK0zDaEtJB_1rybTrAAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-11 09:28:59
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 11 05:28:55.498195 2024] [security2:error] [pid 20995:tid 20995] [client 172.70.47.52:35060] [client 172.70.47.52] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "365soft.top"] [uri "/.env"] [unique_id "ZriEV7iVniNatiD0giQvhQAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-10 15:56:48
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 172.70.47.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 10 11:56:45.350019 2024] [security2:error] [pid 14152:tid 14152] [client 172.70.47.52:31298] [client 172.70.47.52] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.upskirtcrazy.com"] [uri "/.env"] [unique_id "ZreNvfHzAH9swejzL5gnOgAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-06 04:04:43
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-08-02 11:13:21
(2 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Hydra-Shield.fr
2024-07-30 02:25:13
(2 months ago)
Directory Traversal on: /.env
Web App Attack
ParaBug
2024-07-25 18:54:48
(2 months ago)
172.70.47.52 - - [25/Jul/2024:20:54:47 +0200] "GET /index.php?cPath=10059&products_id=269987 HTTP/1. ... show more 172.70.47.52 - - [25/Jul/2024:20:54:47 +0200] "GET /index.php?cPath=10059&products_id=269987 HTTP/1.1" 403 400 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.0.0 Safari/537.36"
... show less
Phishing
Brute-Force
Web App Attack
Anonymous
2024-07-07 12:40:22
(3 months ago)
Jul 7 14:40:20 syscgn kernel: [3089281.489760] [UFW BLOCK] IN=eth0 OUT= MAC=0a:d1:7f:3c:98:09:bc:0f ... show more Jul 7 14:40:20 syscgn kernel: [3089281.489760] [UFW BLOCK] IN=eth0 OUT= MAC=0a:d1:7f:3c:98:09:bc:0f:fe:37:fb:a2:08:00 SRC=172.70.47.52 DST=185.194.141.106 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=4664 DF PROTO=TCP SPT=62504 DPT=2053 WINDOW=65535 RES=0x00 SYN URGP=0
... show less
Hacking
Anonymous
2024-07-02 00:22:00
(3 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
ParaBug
2024-06-26 19:37:30
(3 months ago)
172.70.47.52 - - [26/Jun/2024:21:37:29 +0200] "GET /details-about-nbspwomen039s-bling-bling-pointed- ... show more 172.70.47.52 - - [26/Jun/2024:21:37:29 +0200] "GET /details-about-nbspwomen039s-bling-bling-pointed-toe-pointed-toe-ankle-boots-wedding-clubwear-shoes-p-474202.htm HTTP/1.1" 410 478 "-" "Mozilla/5.0 (compatible; SemrushBot/7~bl; +http://www.semrush.com/bot.html)"
... show less
Phishing
Brute-Force
Web App Attack