rshict
|
|
Hacking, Brute-Force, Web App Attack
|
Hacking
Brute-Force
Web App Attack
|
|
AvonleaConsulting
|
|
Attempts to probe web pages for vulnerable PHP or other applications
|
Web App Attack
|
|
Smel
|
|
HTTP/80/443/8080 Unauthorized Probe, Hack -
|
Hacking
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 196.74.139.43 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 196.74.139.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 07 02:24:08.389589 2024] [security2:error] [pid 28623:tid 28623] [client 196.74.139.43:5422] [client 196.74.139.43] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cmgpartners.com"] [uri "/.git/HEAD"] [unique_id "ZyxrGA0fhpDME6rcpqK3wwAAAAM"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
196.74.139.43 - - [07/Nov/2024:07:36:09 +0100] "GET /.git/HEAD HTTP/1.1" 402 768 "-" "Python/3.7 aio ... show more196.74.139.43 - - [07/Nov/2024:07:36:09 +0100] "GET /.git/HEAD HTTP/1.1" 402 768 "-" "Python/3.7 aiohttp/3.8.6"
196.74.139.43 - - [07/Nov/2024:07:36:09 +0100] "GET /.git/HEAD HTTP/1.1" 402 4084 "-" "Python/3.7 aiohttp/3.8.6"
196.74.139.43 - - [07/Nov/2024:07:48:49 +0100] "GET /.git/HEAD HTTP/1.1" 402 4084 "-" "Python/3.7 aiohttp/3.8.6"
... show less
|
Web App Attack
|
|
SilverZippo
|
|
Web App Attack
|
Web App Attack
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
mashamal
|
|
Vulnerability Probe
...
|
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 196.74.139.43 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 196.74.139.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 07 01:33:33.554660 2024] [security2:error] [pid 734:tid 734] [client 196.74.139.43:62457] [client 196.74.139.43] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.serpentstudios.com"] [uri "/.git/config"] [unique_id "ZyxfPXRZVwBfKwiKy-ATdAAAAAM"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
cmbplf
|
|
214 requests to */.git/config
|
Brute-Force
Bad Web Bot
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 196.74.139.43 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 196.74.139.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 07 00:30:08.534524 2024] [security2:error] [pid 23127:tid 23127] [client 196.74.139.43:23293] [client 196.74.139.43] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.omneom.com"] [uri "/.git/config"] [unique_id "ZyxQYNjLans-U3bNT39Y-QAAAAI"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
AvonleaConsulting
|
|
Scanning unused Default website or suspicious access to valid sites from IP marked as abusive
|
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 196.74.139.43 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 196.74.139.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 06 23:41:33.287985 2024] [security2:error] [pid 18859:tid 18859] [client 196.74.139.43:39325] [client 196.74.139.43] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.thegolfhole.com"] [uri "/.git/config"] [unique_id "ZyxE_bW6h_Es60Q7lNvrEgAAAB4"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 196.74.139.43 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210492) triggered by 196.74.139.43 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 06 21:12:08.744509 2024] [security2:error] [pid 24825:tid 24825] [client 196.74.139.43:57156] [client 196.74.139.43] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "developerdove.com"] [uri "/.git/config"] [unique_id "Zywh-Iq9CLBlu7cUEf4w1gAAAA4"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
kumiko
|
|
[2024-11-06 22:25:24] Probing for dotfiles
"GET //.git/config HTTP/1.0" 301
|
Bad Web Bot
Web App Attack
|
|