TPI-Abuse
2024-09-27 23:24:06
(5 days ago)
(mod_security) mod_security (id:210730) triggered by 212.30.33.24 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 212.30.33.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 27 19:24:01.769559 2024] [security2:error] [pid 629:tid 629] [client 212.30.33.24:39363] [client 212.30.33.24] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||qcryptocoin.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "qcryptocoin.com"] [uri "/restore/backup.sql"] [unique_id "Zvc-keF1QE8l78drfd4y2QAAABM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-17 10:46:36
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 212.30.33.24 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 212.30.33.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 17 06:45:32.267120 2024] [security2:error] [pid 6396:tid 6396] [client 212.30.33.24:63999] [client 212.30.33.24] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jwwsb.jaspercity.com"] [uri "/platform/.env"] [unique_id "ZuldzH8OZ6fh237WWXu10gAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
Jim Keir
2024-09-17 10:17:30
(2 weeks ago)
2024-09-17 10:17:27 212.30.33.24 File scanning, blocking 212.30.33.24 for 5 minutes
Web App Attack
Information Security
2024-09-16 11:45:11
(2 weeks ago)
Web App Attack
Web App Attack
TPI-Abuse
2024-09-16 11:41:32
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 212.30.33.24 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 212.30.33.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 16 07:40:24.791340 2024] [security2:error] [pid 23265:tid 23265] [client 212.30.33.24:42309] [client 212.30.33.24] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.exposohomadrid.com"] [uri "/platform/.env"] [unique_id "ZugZKIKwS6BByc_FqGVxXwAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
backslash
2024-09-15 07:12:23
(2 weeks ago)
Bad Web Bot
soundboxxx.com
2024-09-15 02:18:00
(2 weeks ago)
ping 212.30.33.24 -t -l 10000
DDoS Attack
FTP Brute-Force
Ping of Death
Open Proxy
Port Scan
Hacking
SQL Injection
Brute-Force
Web App Attack
SSH
Anonymous
2024-09-15 00:43:51
(2 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Aetherweb Ark
2024-09-15 00:31:49
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 212.30.33.24 (-): N in the last X secs
Web App Attack
Information Security
2024-09-15 00:29:15
(2 weeks ago)
Web App Attack
Web App Attack
TheMadBeaker
2024-09-14 23:30:55
(2 weeks ago)
Fail2Ban Ban Triggered
HTTP Exploit Attempt
Brute-Force
Web App Attack
tecnicorioja
2024-09-10 22:01:55
(3 weeks ago)
(Mod_security) [10/Sep/2024:15:38:03.015143
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-10 15:09:29
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 212.30.33.24 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 212.30.33.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 10 11:08:33.210891 2024] [security2:error] [pid 29260:tid 29260] [client 212.30.33.24:35409] [client 212.30.33.24] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "elefen.org"] [uri "/platform/.env"] [unique_id "ZuBg8a4cBqOHWaDfhnS5iQAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
Information Security
2024-09-10 14:49:15
(3 weeks ago)
Web App Attack
Web App Attack
FeG Deutschland
2024-09-10 14:36:31
(3 weeks ago)
Looking for CMS/PHP/SQL vulnerablilities - 13
Exploited Host
Web App Attack