TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 212.30.33.15 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 212.30.33.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 27 19:24:14.423638 2024] [security2:error] [pid 32350:tid 32350] [client 212.30.33.15:57065] [client 212.30.33.15] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||qcryptocoin.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "qcryptocoin.com"] [uri "/old/mysql.sql"] [unique_id "Zvc-nrhCRrRZXqLwZPjSEAAAAAg"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 212.30.33.15 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210492) triggered by 212.30.33.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 17 06:53:55.776304 2024] [security2:error] [pid 91904:tid 91955] [client 212.30.33.15:6247] [client 212.30.33.15] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.charbelaj.com"] [uri "/platform/.env"] [unique_id "ZulfwyF1D72w7kD-3VHkDQAAAFE"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Information Security
|
|
Web App Attack
|
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 212.30.33.15 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210492) triggered by 212.30.33.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 16 07:40:24.151354 2024] [security2:error] [pid 23265:tid 23265] [client 212.30.33.15:16527] [client 212.30.33.15] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.exposohomadrid.com"] [uri "/platform/.env"] [unique_id "ZugZKIKwS6BByc_FqGVxXAAAAA0"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
soundboxxx.com
|
|
ping 212.30.33.15 -t -l 10000
|
DDoS Attack
FTP Brute-Force
Ping of Death
Open Proxy
Port Scan
Hacking
SQL Injection
Brute-Force
Web App Attack
SSH
|
|
cmbplf
|
|
141 requests to *.env
|
Brute-Force
Bad Web Bot
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 212.30.33.15 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210492) triggered by 212.30.33.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 14 19:36:22.149192 2024] [security2:error] [pid 14168:tid 14168] [client 212.30.33.15:9611] [client 212.30.33.15] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "logosformacion.net"] [uri "/platform/.env"] [unique_id "ZuYd9i3yhDgciqCZzbE8TAAAAAw"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
tecnicorioja
|
|
(Mod_security) [10/Sep/2024:15:38:02.978717
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 212.30.33.15 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210492) triggered by 212.30.33.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 10 10:36:17.115311 2024] [security2:error] [pid 1712:tid 1712] [client 212.30.33.15:64435] [client 212.30.33.15] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.neff.family.name"] [uri "/platform/.env"] [unique_id "ZuBZYZTC0_thatzqMTe7JAAAABI"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
FeG Deutschland
|
|
Looking for CMS/PHP/SQL vulnerablilities - 13
|
Exploited Host
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 212.30.33.15 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210492) triggered by 212.30.33.15 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 10 09:41:05.230615 2024] [security2:error] [pid 13284:tid 13284] [client 212.30.33.15:34639] [client 212.30.33.15] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brelcafetal.turedinmobiliaria.com"] [uri "/platform/.env"] [unique_id "ZuBMcZe5zSNPtm8SkDfMxgAAAAU"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|