octageeks.com
2024-12-03 05:10:40
(1 month ago)
Wordpress malicious attack:[octa404]
Web App Attack
TPI-Abuse
2024-12-03 04:20:10
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 18.209.47.77 (ec2-18-209-47-77.compute-1.amazon ... show more (mod_security) mod_security (id:210492) triggered by 18.209.47.77 (ec2-18-209-47-77.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 23:20:05.624797 2024] [security2:error] [pid 14373:tid 14373] [client 18.209.47.77:54780] [client 18.209.47.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "humans2humans.org"] [uri "/core/.env"] [unique_id "Z06G9cUdOJ69KgOC82I6MwAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
penjaga BRIN
2024-12-03 02:08:46
(1 month ago)
apache-alfa-111
Web App Attack
TPI-Abuse
2024-12-03 01:50:49
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 18.209.47.77 (ec2-18-209-47-77.compute-1.amazon ... show more (mod_security) mod_security (id:210492) triggered by 18.209.47.77 (ec2-18-209-47-77.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 20:50:41.849813 2024] [security2:error] [pid 24829:tid 24829] [client 18.209.47.77:56988] [client 18.209.47.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.aprilparks.com"] [uri "/.git/"] [unique_id "Z05j8Rvblplaj3EOvBhLGQAAAB4"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-03 01:31:22
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 18.209.47.77 (ec2-18-209-47-77.compute-1.amazon ... show more (mod_security) mod_security (id:210492) triggered by 18.209.47.77 (ec2-18-209-47-77.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 20:31:18.367721 2024] [security2:error] [pid 22200:tid 22200] [client 18.209.47.77:54612] [client 18.209.47.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.hcpoultry.com"] [uri "/.git/"] [unique_id "Z05fZg162R98vsY5NoW9gQAAABI"] show less
Brute-Force
Bad Web Bot
Web App Attack
Countryman
2024-12-03 01:13:13
(1 month ago)
repeated unauthorized connection attempts, host sweep, port scan
Port Scan
lp
2024-12-02 23:53:39
(1 month ago)
Bot webscan: 1 attempts were recorded from 18.209.47.77
18.209.47.77 "GET /.git/ HTTP/1.1" 404 ... show more Bot webscan: 1 attempts were recorded from 18.209.47.77
18.209.47.77 "GET /.git/ HTTP/1.1" 404 3411 "-" "Mozilla/5.0 (X11; Linux x86_64)" show less
Port Scan
Valhalla
2024-12-02 23:50:25
(1 month ago)
Suspicious Activity Detected: /.git/
Hacking
Web App Attack
w-e-c-l-o-u-d-i-t
2024-12-02 23:24:56
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 18.209.47.77 (US/United States/ec2-18-209-47-77 ... show more (mod_security) mod_security (id:210492) triggered by 18.209.47.77 (US/United States/ec2-18-209-47-77.compute-1.amazonaws.com): 1 in the last 28800 secs; Ports: *; Direction: 0; Trigger: LF_MODSEC show less
Brute-Force
SSH
TPI-Abuse
2024-12-02 23:14:26
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 18.209.47.77 (ec2-18-209-47-77.compute-1.amazon ... show more (mod_security) mod_security (id:210492) triggered by 18.209.47.77 (ec2-18-209-47-77.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 18:14:18.658821 2024] [security2:error] [pid 22693:tid 22693] [client 18.209.47.77:49242] [client 18.209.47.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.victorvictor.biz"] [uri "/.git/"] [unique_id "Z04_Sn8qWk-xfgWJtTS6BgAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
mnsf
2024-12-02 23:10:19
(1 month ago)
Too many Status 40X (12)
Brute-Force
Web App Attack
MAGIC
2024-12-02 23:07:36
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-12-02 22:59:19
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 18.209.47.77 (ec2-18-209-47-77.compute-1.amazon ... show more (mod_security) mod_security (id:210492) triggered by 18.209.47.77 (ec2-18-209-47-77.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 17:59:12.404219 2024] [security2:error] [pid 21354:tid 21354] [client 18.209.47.77:40154] [client 18.209.47.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "insidepublications.com"] [uri "/.git/"] [unique_id "Z047wELxinU9xZG9yp3J8wAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
FeG Deutschland
2024-12-02 22:40:47
(1 month ago)
Looking for CMS/PHP/SQL vulnerablilities - 13
Exploited Host
Web App Attack
TPI-Abuse
2024-12-02 22:37:28
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 18.209.47.77 (ec2-18-209-47-77.compute-1.amazon ... show more (mod_security) mod_security (id:210492) triggered by 18.209.47.77 (ec2-18-209-47-77.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 17:37:21.238227 2024] [security2:error] [pid 2927797:tid 2927797] [client 18.209.47.77:56160] [client 18.209.47.77] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "madronabluff.com"] [uri "/.git/"] [unique_id "Z042oYirU_Wh1JQHUSYRGwAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack