Cloudkul Cloudkul
2024-08-19 19:24:05
(4 weeks ago)
Multiple unauthorized attempts to access web resources
Brute-Force
Web App Attack
adalbertoreyes.org
2024-08-19 16:04:45
(4 weeks ago)
CategoryPortScan
Port Scan
Anonymous
2024-08-19 13:46:34
(4 weeks ago)
$f2bV_matches
Brute-Force
polido
2024-08-19 12:15:44
(4 weeks ago)
Unauthorized connection attempt to port 443 from 13.38.81.110
Port Scan
ne1for23
2024-08-19 06:00:31
(4 weeks ago)
Attempting to probe for sensitive information accidently exposed via git config.
13.38. ... show more Attempting to probe for sensitive information accidently exposed via git config.
13.38.81.110 - - [19/Aug/2024:06:00:31 +0000] "GET /.git/config HTTP/1.1" 403 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3850.0 Iron Safari/537.36" show less
Hacking
dpinse
2024-08-19 04:34:29
(4 weeks ago)
teler detected Directory Bruteforce against resource /.git/config from 13.38.81.110
Bad Web Bot
Charles
2024-08-19 02:05:24
(4 weeks ago)
13.38.81.110 - - [19/Aug/2024:10:05:22 +0800] "GET /.git/config HTTP/1.1" 404 6393 "-" "Mozilla/5.0 ... show more 13.38.81.110 - - [19/Aug/2024:10:05:22 +0800] "GET /.git/config HTTP/1.1" 404 6393 "-" "Mozilla/5.0 (OS/2; Warp 4.5; rv:31.0) Gecko/20100101 Firefox/31.0 SeaMonkey/2.28"
... show less
Web Spam
Email Spam
Brute-Force
Bad Web Bot
Web App Attack
SSH
FireballDWF
2024-08-18 18:45:12
(4 weeks ago)
404 NOT FOUND
Web App Attack
TPI-Abuse
2024-08-05 15:38:35
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 13.38.81.110 (ec2-13-38-81-110.eu-west-3.comput ... show more (mod_security) mod_security (id:210492) triggered by 13.38.81.110 (ec2-13-38-81-110.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 11:38:28.334422 2024] [security2:error] [pid 1892499:tid 1892499] [client 13.38.81.110:60086] [client 13.38.81.110] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wiki.davonyx.com"] [uri "/.git/config"] [unique_id "ZrDx9BGJR_yEJhD0GNxtZgAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
FeG Deutschland
2024-08-05 14:11:02
(1 month ago)
Looking for CMS/PHP/SQL vulnerablilities - 13
Exploited Host
Web App Attack
Anonymous
2024-08-05 13:28:01
(1 month ago)
Domain : block.pt
Rule : config
2024-08-05 13:27:01 38.242.219.191 GET /.git/config - 44 ... show more Domain : block.pt
Rule : config
2024-08-05 13:27:01 38.242.219.191 GET /.git/config - 443 - 13.38.81.110 HTTP/1.1 Mozilla/5.0 (X11; Linux i686; rv:40.0) Gecko/20100101 Firefox/40.0 - block.pt 404 8 0 5117 190 240 - - show less
Hacking
SQL Injection
TPI-Abuse
2024-08-05 13:20:00
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 13.38.81.110 (ec2-13-38-81-110.eu-west-3.comput ... show more (mod_security) mod_security (id:210492) triggered by 13.38.81.110 (ec2-13-38-81-110.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 09:19:57.797067 2024] [security2:error] [pid 9437:tid 9437] [client 13.38.81.110:59290] [client 13.38.81.110] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.joycebrown.com"] [uri "/.git/config"] [unique_id "ZrDRfUM7_fS2Ohcxo-id-AAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
cmbplf
2024-08-05 11:34:59
(1 month ago)
280 requests to */.git/config
Brute-Force
Bad Web Bot
TPI-Abuse
2024-08-05 11:30:03
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 13.38.81.110 (ec2-13-38-81-110.eu-west-3.comput ... show more (mod_security) mod_security (id:210492) triggered by 13.38.81.110 (ec2-13-38-81-110.eu-west-3.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 07:29:57.422200 2024] [security2:error] [pid 11191:tid 11251] [client 13.38.81.110:60202] [client 13.38.81.110] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tonysftpfiles.com.pwrcoupling.com"] [uri "/.git/config"] [unique_id "ZrC3tfoREt7M8q9YO9CYnAAAAFg"] show less
Brute-Force
Bad Web Bot
Web App Attack
SilverZippo
2024-08-05 11:20:56
(1 month ago)
Web App Attack
Web App Attack