futuremakers.gr
2024-05-30 01:07:33
(7 months ago)
(mod_security) mod_security triggered on hostname [redacted] 193.143.1.119 (RU/Russia/-)
SQL Injection
TPI-Abuse
2024-05-30 01:04:03
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 193.143.1.119 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 193.143.1.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 29 21:03:59.191796 2024] [security2:error] [pid 32337] [client 193.143.1.119:41790] [client 193.143.1.119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "meetalines.com"] [uri "/api/user/v3/.git/config"] [unique_id "ZlfQf156cP8R-KgdJC2y8gAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-05-30 00:51:31
(7 months ago)
Ports: *; Direction: 0; Trigger: CT_LIMIT
Brute-Force
SSH
beehivecybersec
2024-05-30 00:35:59
(7 months ago)
Threat Blocked by BeeHive from (ASN:198953) (Network:PROTON66) (Host:beehive.systems) (Method:GET) ( ... show more Threat Blocked by BeeHive from (ASN:198953) (Network:PROTON66) (Host:beehive.systems) (Method:GET) (Protocol:HTTP/1.1) (Timestamp:2024-05-30T00:35:59Z) show less
Open Proxy
VPN IP
Port Scan
Hacking
SQL Injection
Bad Web Bot
Exploited Host
Web App Attack
Anonymous
2024-05-30 00:19:32
(7 months ago)
Bot / scanning and/or hacking attempts: done, streams: 0/1/1/0/0 (open/recv/resp/push/rst), local go ... show more Bot / scanning and/or hacking attempts: done, streams: 0/1/1/0/0 (open/recv/resp/push/rst), local goaway, streams: 0/1/1/0/0 (open/recv/resp/push/rst), GET /backup/.git/config HTTP/1.1, GET /web/.git/config HTTP/1.1, GET /database/.git/config HTTP/1.1, GET /build/.git/config HTTP/1.1, GET /blog/.git/config HTTP/1.1, GET /beta/.git/config HTTP/1.1, GET /shop/.git/config HTTP/1.1, GET /vendor/.git/config HTTP/1.1, GET /amphtml/.git/config HTTP/1.1, GET /wp-content/themes/.git/config HTTP/1.1, GET /v1/.git/config HTTP/1.1, GET /demo/.git/config HTTP/1.1, GET /developer/.git/config HTTP/1.1, GET /m/.git/config HTTP/1.1, GET /__MACOSX/.git/config HTTP/1.1, GET /qa/.git/config HTTP/1.1, GET /api/v1/.git/config HTTP/1.1, GET /app/.git/config HTTP/1.1, GET /api/admin/v2/.git/config HTTP/1.1, GET /application/.git/config HTTP/1.1, GET /staging/.git/config HTTP/1.1, GET /.git/config HTTP/1.1, GET /api/user/v3/.git/config HTTP/1.1, GET /s3/.git/config HTTP/1.1 show less
Hacking
Web App Attack
TPI-Abuse
2024-05-30 00:17:52
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 193.143.1.119 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 193.143.1.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 29 20:17:47.212120 2024] [security2:error] [pid 607] [client 193.143.1.119:49972] [client 193.143.1.119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "newsletter.teenyb.com"] [uri "/wp-includes/js/.git/config"] [unique_id "ZlfFq5vm_OMyl4KxMWcVuwAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-05-30 00:03:28
(7 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_MODSEC
Brute-Force
SSH
TPI-Abuse
2024-05-29 23:40:39
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 193.143.1.119 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 193.143.1.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 29 19:40:32.515363 2024] [security2:error] [pid 16040] [client 193.143.1.119:56042] [client 193.143.1.119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "d2.stoneast.com"] [uri "/aomanalyzer/.git/config"] [unique_id "Zle88EU5FIbe4VR8luRvMgAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
Interceptor_HQ
2024-05-29 23:30:28
(7 months ago)
request_uri: /app/.git/config -- automatic report --
Hacking
Brute-Force
vestibtech
2024-05-29 23:25:22
(7 months ago)
193.143.1.119 - - [29/May/2024:17:25:22 -0600] "GET /api/v3/.git/config HTTP/1.1" 403 7517 "-" "Mozi ... show more 193.143.1.119 - - [29/May/2024:17:25:22 -0600] "GET /api/v3/.git/config HTTP/1.1" 403 7517 "-" "Mozilla/5.0 (compatible; Exabot/3.0; http://www.exabot.com/go/robot)"
... show less
Web App Attack
Trueforce Threat Report
2024-05-29 23:09:07
(7 months ago)
Automated report, trolling for resource vulnerabilities
Bad Web Bot
Web App Attack
lauraorchid
2024-05-29 23:02:14
(7 months ago)
193.143.1.119 - - [29/May/2024:23:02:14 +0000] "GET /admin/.git/config HTTP/1.1" 404 187 "-" "Mozill ... show more 193.143.1.119 - - [29/May/2024:23:02:14 +0000] "GET /admin/.git/config HTTP/1.1" 404 187 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.54 Safari/537.36"
193.143.1.119 - - [29/May/2024:23:02:14 +0000] "GET /api/admin/v2/.git/config HTTP/1.1" 404 187 "-" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; Trident/5.0)"
193.143.1.119 - - [29/May/2024:23:02:14 +0000] "GET /a/.git/config HTTP/1.1" 404 125 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1 Safari/605.1.15"
193.143.1.119 - - [29/May/2024:23:02:14 +0000] "GET /api/user/v2/.git/config HTTP/1.1" 404 187 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/62.0.3178.0 Safari/537.36"
193.143.1.119 - - [29/May/2024:23:02:14 +0000] "GET /api/user/v1/.git/config HTTP/1.1" 404 125 "-" "Mozilla/5.0 (X11; U; Linux x86_64; en-US; rv:1.9.1.3) Gecko/20091020 Linux Mint/8 (Helena) Firefox/3.5.3"
... show less
Bad Web Bot
TPI-Abuse
2024-05-29 22:57:04
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 193.143.1.119 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 193.143.1.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 29 18:56:59.762941 2024] [security2:error] [pid 27072] [client 193.143.1.119:43564] [client 193.143.1.119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vmmailing.com"] [uri "/demo/.git/config"] [unique_id "Zleyu8hODy3cHjDj_6YenwAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-05-29 22:50:33
(7 months ago)
(mod_security) mod_security triggered on hostname [redacted] 193.143.1.119 (RU/Russia/-)
SQL Injection
TPI-Abuse
2024-05-29 22:27:38
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 193.143.1.119 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 193.143.1.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 29 18:27:31.325676 2024] [security2:error] [pid 18069] [client 193.143.1.119:39018] [client 193.143.1.119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fuentevictoria.com"] [uri "/user/.git/config"] [unique_id "Zler0yRYkRMu884Fn8LkkQAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack