Anonymous
2024-12-03 18:04:26
(4 days ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
mnsf
2024-12-01 13:05:19
(6 days ago)
Too many Status 40X (13)
Brute-Force
Web App Attack
Anonymous
2024-11-30 06:49:51
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
mirekdusin
2024-11-29 10:59:38
(1 week ago)
Multiple ModSecurity detections - Rules: 930130(Restricted File Access Attempt), Types: Restricted F ... show more Multiple ModSecurity detections - Rules: 930130(Restricted File Access Attempt), Types: Restricted File Access Attempt show less
Web App Attack
TPI-Abuse
2024-11-23 06:36:39
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 20.249.182.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 20.249.182.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 23 01:36:34.385739 2024] [security2:error] [pid 20438:tid 20438] [client 20.249.182.215:27072] [client 20.249.182.215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.helstone.com"] [uri "/.git/config"] [unique_id "Z0F38s8qJQ8dVfC3Brp0GgAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-22 22:19:53
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 20.249.182.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 20.249.182.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 22 17:19:45.856003 2024] [security2:error] [pid 22459:tid 22459] [client 20.249.182.215:3073] [client 20.249.182.215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.rockhillcounselors.com"] [uri "/.git/config"] [unique_id "Z0EDgfNhCgsNyHmiJP4zJwAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-21 22:12:28
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 20.249.182.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 20.249.182.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 21 17:12:23.635277 2024] [security2:error] [pid 1813089:tid 1813089] [client 20.249.182.215:17856] [client 20.249.182.215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "metrosearchinc.com"] [uri "/.git/config"] [unique_id "Zz-wRxW_XtBPjw4vdTFB8QAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
Rocky Mountain Bioengineering Symposium
2024-11-21 02:08:51
(2 weeks ago)
20.249.182.215 - - [20/Nov/2024:19:08:51 -0700] "GET /.git/config HTTP/1.1" 303 4504 "-" "Python/3.8 ... show more 20.249.182.215 - - [20/Nov/2024:19:08:51 -0700] "GET /.git/config HTTP/1.1" 303 4504 "-" "Python/3.8 aiohttp/3.9.3"
... show less
Web App Attack
TPI-Abuse
2024-11-14 09:35:22
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 20.249.182.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 20.249.182.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 14 04:35:15.528667 2024] [security2:error] [pid 8756:tid 8756] [client 20.249.182.215:27077] [client 20.249.182.215] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||piratecostumesonline.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "piratecostumesonline.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ZzXEU3A-ZtZr2lFaNPWM1wAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-13 07:38:39
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 20.249.182.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 20.249.182.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 13 02:38:34.988653 2024] [security2:error] [pid 243480:tid 243480] [client 20.249.182.215:1538] [client 20.249.182.215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yogitunes.com"] [uri "/.git/config"] [unique_id "ZzRXes-qSAKMbBwv0Lzq-wAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-09 03:38:10
(4 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-11-06 02:17:03
(1 month ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
TPI-Abuse
2024-11-05 03:11:27
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 20.249.182.215 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 20.249.182.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 04 22:11:20.167066 2024] [security2:error] [pid 15891:tid 15891] [client 20.249.182.215:48641] [client 20.249.182.215] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "borjomi.cc"] [uri "/.git/config"] [unique_id "ZymM2BQdiwiYWD6ejHWRZAAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack