Information Security
2024-09-10 17:41:08
(2 days ago)
Web App Attack
Web App Attack
TPI-Abuse
2024-09-07 17:03:15
(5 days ago)
(mod_security) mod_security (id:210492) triggered by 212.30.33.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 07 13:02:30.528814 2024] [security2:error] [pid 5526:tid 5526] [client 212.30.33.211:58439] [client 212.30.33.211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.4lazy.com"] [uri "/platform/.env"] [unique_id "ZtyHJrMqlrB1ss93Pk3FCQAAAA0"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-07 14:30:48
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 212.30.33.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 07 10:29:30.631470 2024] [security2:error] [pid 25350:tid 25350] [client 212.30.33.211:47129] [client 212.30.33.211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stragar.com"] [uri "/platform/.env"] [unique_id "ZtxjSjA0z0_E3S-ueLsukgAAAA4"]
Brute-Force
Bad Web Bot
Web App Attack
cmbplf
2024-09-06 09:40:19
(1 week ago)
115 requests to *.env
Brute-Force
Bad Web Bot
Jim Keir
2024-09-06 08:28:28
(1 week ago)
2024-09-06 08:27:41 212.30.33.211 File scanning, blocking 212.30.33.211 for 5 minutes
Web App Attack
TPI-Abuse
2024-09-06 01:04:33
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 212.30.33.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 05 21:03:54.087286 2024] [security2:error] [pid 7392:tid 7392] [client 212.30.33.211:48339] [client 212.30.33.211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "3905ccn.org"] [uri "/platform/.env"] [unique_id "ZtpU-mGsKo1KtscWlQN4twAAAAA"]
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-09-06 00:49:14
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-09-06 00:48:40
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 212.30.33.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 05 20:47:19.258521 2024] [security2:error] [pid 8796:tid 8796] [client 212.30.33.211:14497] [client 212.30.33.211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "riv.turedinmobiliaria.com"] [uri "/platform/.env"] [unique_id "ZtpRF-bk49Px7E71DmxaTQAAAAk"]
Brute-Force
Bad Web Bot
Web App Attack
Bedios GmbH
2024-09-06 00:40:25
(1 week ago)
Login credentials theft attempt
Hacking
TPI-Abuse
2024-09-06 00:27:25
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 212.30.33.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 05 20:26:24.266330 2024] [security2:error] [pid 10935:tid 10935] [client 212.30.33.211:24937] [client 212.30.33.211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elefen.org"] [uri "/platform/.env"] [unique_id "ZtpMMHvUH0K4AP6WiIbqtQAAAAE"]
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-05 23:47:41
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 212.30.33.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 05 19:46:40.193013 2024] [security2:error] [pid 31162:tid 31162] [client 212.30.33.211:20387] [client 212.30.33.211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "old.renju.net"] [uri "/platform/.env"] [unique_id "ZtpC4FBC84ZN67IjtlCvjwAAAAE"]
Brute-Force
Bad Web Bot
Web App Attack
TheMadBeaker
2024-09-05 22:49:45
(1 week ago)
Fail2Ban Ban Triggered
HTTP Exploit Attempt
Brute-Force
Web App Attack
TPI-Abuse
2024-08-18 17:27:53
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 212.30.33.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 18 13:27:43.616357 2024] [security2:error] [pid 21070:tid 21070] [client 212.30.33.211:24093] [client 212.30.33.211] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pcga.golf|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pcga.golf"] [uri "/backups/sql.sql"] [unique_id "ZsIvD-MUtnl7NJH7VFRJrwAAAAU"]
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-15 05:23:32
(4 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-08-09 13:59:02
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH