TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 212.30.33.236 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210730) triggered by 212.30.33.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 27 20:16:05.065031 2024] [security2:error] [pid 13198:tid 13198] [client 212.30.33.236:45897] [client 212.30.33.236] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mapleleaf-marketing.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mapleleaf-marketing.com"] [uri "/bak/backup.sql"] [unique_id "ZvdKxTYxugnfWwumgSwpOAAAAAY"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 212.30.33.236 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210730) triggered by 212.30.33.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 26 07:49:34.709208 2024] [security2:error] [pid 2725541:tid 2725541] [client 212.30.33.236:42353] [client 212.30.33.236] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||asiabeef.network|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "asiabeef.network"] [uri "/backups/mysql.sql"] [unique_id "ZvVKTtjjSNtGEuSRcXS46wAAAA4"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 212.30.33.236 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 212.30.33.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 17 06:45:28.768258 2024] [security2:error] [pid 6399:tid 6399] [client 212.30.33.236:28531] [client 212.30.33.236] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jwwsb.jaspercity.com"] [uri "/platform/.env"] [unique_id "ZuldyEmtJieBF1AnbKmeWAAAAA8"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Jim Keir
|
|
2024-09-17 10:17:30 212.30.33.236 File scanning, blocking 212.30.33.236 for 5 minutes
|
Web App Attack
|
|
Information Security
|
|
Web App Attack
|
Web App Attack
|
|
Sklurk
|
|
Web App Attack
|
Web App Attack
|
|
backslash
|
|
|
Bad Web Bot
|
|
soundboxxx.com
|
|
ping 212.30.33.236 -t -l 10000
|
DDoS Attack
FTP Brute-Force
Ping of Death
Open Proxy
Port Scan
Hacking
SQL Injection
Brute-Force
Web App Attack
SSH
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 212.30.33.236 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 212.30.33.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 14 19:36:23.524547 2024] [security2:error] [pid 14184:tid 14184] [client 212.30.33.236:28083] [client 212.30.33.236] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "logosformacion.net"] [uri "/platform/.env"] [unique_id "ZuYd94xtdjBS0hwJoeVUwQAAACE"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TheMadBeaker
|
|
Fail2Ban Ban Triggered
HTTP Exploit Attempt
|
Brute-Force
Web App Attack
|
|
tecnicorioja
|
|
(Mod_security) [10/Sep/2024:15:38:02.854296
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 212.30.33.236 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 212.30.33.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 10 11:08:31.750214 2024] [security2:error] [pid 29260:tid 29260] [client 212.30.33.236:12765] [client 212.30.33.236] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elefen.org"] [uri "/platform/.env"] [unique_id "ZuBg764cBqOHWaDfhnS5hAAAAAg"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 212.30.33.236 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 212.30.33.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 10 10:49:06.094625 2024] [security2:error] [pid 29097:tid 29097] [client 212.30.33.236:38489] [client 212.30.33.236] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.teguer.com"] [uri "/platform/.env"] [unique_id "ZuBcYno6VlTOBegq4LFvHAAAAAY"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 212.30.33.236 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 212.30.33.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 10 10:22:43.881592 2024] [security2:error] [pid 4148:tid 4148] [client 212.30.33.236:41311] [client 212.30.33.236] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.stragar.com"] [uri "/platform/.env"] [unique_id "ZuBWM-pN3jkBeFVdHp-1UQAAABw"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|