TPI-Abuse
2024-10-03 07:10:56
(6 days ago)
(mod_security) mod_security (id:210730) triggered by 212.30.33.21 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 212.30.33.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 03 03:10:51.163911 2024] [security2:error] [pid 21360:tid 21360] [client 212.30.33.21:63581] [client 212.30.33.21] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.ixd.net|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.ixd.net"] [uri "/backup/www.sql"] [unique_id "Zv5DeyQ_xIaDzviHpuhfpAAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-27 23:33:52
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 212.30.33.21 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 212.30.33.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 27 19:33:47.123924 2024] [security2:error] [pid 20875:tid 20875] [client 212.30.33.21:10847] [client 212.30.33.21] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mapleleaf-marketing.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mapleleaf-marketing.com"] [uri "/back/mysql.sql"] [unique_id "ZvdA2wGppo0DsHdalTXL2QAAABs"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-17 10:46:30
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 212.30.33.21 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 212.30.33.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 17 06:45:26.200741 2024] [security2:error] [pid 6379:tid 6379] [client 212.30.33.21:55823] [client 212.30.33.21] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jwwsb.jaspercity.com"] [uri "/platform/.env"] [unique_id "ZuldxhUsg8PJ9mw-WvzihgAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
Jim Keir
2024-09-17 10:17:45
(3 weeks ago)
2024-09-17 10:17:31 212.30.33.21 File scanning, blocking 212.30.33.21 for 5 minutes
Web App Attack
Information Security
2024-09-16 11:47:22
(3 weeks ago)
Web App Attack
Web App Attack
TPI-Abuse
2024-09-16 11:34:31
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 212.30.33.21 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 212.30.33.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 16 07:33:28.498866 2024] [security2:error] [pid 15716:tid 15716] [client 212.30.33.21:12227] [client 212.30.33.21] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "old.renju.net"] [uri "/platform/.env"] [unique_id "ZugXiBXWLXbmX6VpbQC0qwAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
backslash
2024-09-15 06:57:02
(3 weeks ago)
Bad Web Bot
cmbplf
2024-09-15 02:34:44
(3 weeks ago)
160 requests to *.env
Brute-Force
Bad Web Bot
soundboxxx.com
2024-09-15 02:21:00
(3 weeks ago)
ping 212.30.33.21 -t -l 10000
DDoS Attack
FTP Brute-Force
Ping of Death
Open Proxy
Port Scan
Hacking
SQL Injection
Brute-Force
Web App Attack
SSH
Information Security
2024-09-15 00:32:34
(3 weeks ago)
Web App Attack
Web App Attack
Aetherweb Ark
2024-09-15 00:31:47
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 212.30.33.21 (-): N in the last X secs
Web App Attack
TPI-Abuse
2024-09-14 23:37:44
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 212.30.33.21 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 212.30.33.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 14 19:36:19.081391 2024] [security2:error] [pid 13275:tid 13275] [client 212.30.33.21:19471] [client 212.30.33.21] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "logosformacion.net"] [uri "/platform/.env"] [unique_id "ZuYd8xK8UspW9lPc0P5ungAAACU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TheMadBeaker
2024-09-14 23:30:55
(3 weeks ago)
Fail2Ban Ban Triggered
HTTP Exploit Attempt
Brute-Force
Web App Attack
tecnicorioja
2024-09-10 22:01:53
(4 weeks ago)
(Mod_security) [10/Sep/2024:15:38:02.972894
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-10 15:08:49
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 212.30.33.21 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 212.30.33.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 10 11:08:31.304594 2024] [security2:error] [pid 28340:tid 28340] [client 212.30.33.21:50005] [client 212.30.33.21] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elefen.org"] [uri "/platform/.env"] [unique_id "ZuBg78Qe2-Pny0OkE1DXbAAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack