myintarweb
2025-01-19 22:58:15
(4 days ago)
35.90.25.129 - - [03/Dec/2024:02:21:15 +0000] 443 "GET /.git/ HTTP/1.1" 301 5480 "-" "Mozilla/5.0 (X ... show more 35.90.25.129 - - [03/Dec/2024:02:21:15 +0000] 443 "GET /.git/ HTTP/1.1" 301 5480 "-" "Mozilla/5.0 (X11; Linux x86_64)"
... show less
Hacking
Bad Web Bot
Web App Attack
SOC [GOLINE SA]
2024-12-03 02:39:14
(1 month ago)
(mod_security) mod_security (id:949110) triggered by 35.90.25.129 (US/United States/Oregon/Boardman/ ... show more (mod_security) mod_security (id:949110) triggered by 35.90.25.129 (US/United States/Oregon/Boardman/ec2-35-90-25-129.us-west-2.compute.amazonaws.com/[AS16509 AMAZON-02]): 1 in the last 3600 secs; IP: 35.90.25.129; Ports: *; Direction: 0; Trigger: LF_TRIGGER; Logs: [Tue Dec 03 03:39:11.151995 2024] [security2:error] [pid 1099649:tid 1099751] [client 35.90.25.129:37776] [client 35.90.25.129] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.goline.ch"] [uri "/.git/"] [unique_id "Z05vTzYBu8gblQC8V9Ez2AAAAFc"] show less
Brute-Force
myintarweb
2024-12-03 02:21:15
(1 month ago)
35.90.25.129 - - [03/Dec/2024:02:21:15 +0000] 443 "GET /.git/ HTTP/1.1" 301 5480 "-" "Mozilla/5.0 (X ... show more 35.90.25.129 - - [03/Dec/2024:02:21:15 +0000] 443 "GET /.git/ HTTP/1.1" 301 5480 "-" "Mozilla/5.0 (X11; Linux x86_64)"
... show less
Hacking
Bad Web Bot
Web App Attack
mnsf
2024-12-03 02:07:36
(1 month ago)
Too many Status 40X (11)
Brute-Force
Web App Attack
Aetherweb Ark
2024-12-03 01:57:15
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.90.25.129 (US/United States/ec2-35-90-25-129 ... show more (mod_security) mod_security (id:210492) triggered by 35.90.25.129 (US/United States/ec2-35-90-25-129.us-west-2.compute.amazonaws.com): N in the last X secs show less
Web App Attack
vestibtech
2024-12-02 23:56:09
(1 month ago)
35.90.25.129 - - [02/Dec/2024:16:56:09 -0700] "GET /.git/HEAD HTTP/1.1" 403 4661 "-" "Mozilla/5.0 (X ... show more 35.90.25.129 - - [02/Dec/2024:16:56:09 -0700] "GET /.git/HEAD HTTP/1.1" 403 4661 "-" "Mozilla/5.0 (X11; Linux x86_64)"
... show less
Web App Attack
TPI-Abuse
2024-12-02 23:48:54
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.90.25.129 (ec2-35-90-25-129.us-west-2.comput ... show more (mod_security) mod_security (id:210492) triggered by 35.90.25.129 (ec2-35-90-25-129.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 18:48:47.526754 2024] [security2:error] [pid 8332:tid 8332] [client 35.90.25.129:45844] [client 35.90.25.129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.emiliofatuzzo.com"] [uri "/.git/"] [unique_id "Z05HX7pKz8fLMu3qDfN3LwAAABY"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-12-02 23:32:15
(1 month ago)
Restricted File Access Requests
Hacking
Brute-Force
w-e-c-l-o-u-d-i-t
2024-12-02 23:21:47
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.90.25.129 (US/United States/-): 1 in the las ... show more (mod_security) mod_security (id:210492) triggered by 35.90.25.129 (US/United States/-): 1 in the last 600 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC show less
Brute-Force
SSH
TPI-Abuse
2024-12-02 23:21:17
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.90.25.129 (ec2-35-90-25-129.us-west-2.comput ... show more (mod_security) mod_security (id:210492) triggered by 35.90.25.129 (ec2-35-90-25-129.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 18:21:13.532462 2024] [security2:error] [pid 3058:tid 3058] [client 35.90.25.129:60290] [client 35.90.25.129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vekk.z-mgmt.com"] [uri "/.git/"] [unique_id "Z05A6Q4aA2tjc-MXXqicmQAAABQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-02 23:05:21
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.90.25.129 (ec2-35-90-25-129.us-west-2.comput ... show more (mod_security) mod_security (id:210492) triggered by 35.90.25.129 (ec2-35-90-25-129.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 18:05:18.038436 2024] [security2:error] [pid 2552:tid 2552] [client 35.90.25.129:38872] [client 35.90.25.129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.beirutbazar.com"] [uri "/.git/"] [unique_id "Z049LmUv_Iruo8eziJ1z2AAAABc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-02 22:36:06
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.90.25.129 (ec2-35-90-25-129.us-west-2.comput ... show more (mod_security) mod_security (id:210492) triggered by 35.90.25.129 (ec2-35-90-25-129.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 17:36:00.047336 2024] [security2:error] [pid 5156:tid 5156] [client 35.90.25.129:38606] [client 35.90.25.129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.rocksolidhomebuilders.com"] [uri "/.git/"] [unique_id "Z042UIOjq9ooJwvhiw0ZVAAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
Ba-Yu
2024-12-02 22:25:43
(1 month ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
TPI-Abuse
2024-12-02 22:20:49
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 35.90.25.129 (ec2-35-90-25-129.us-west-2.comput ... show more (mod_security) mod_security (id:210492) triggered by 35.90.25.129 (ec2-35-90-25-129.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 17:20:46.038853 2024] [security2:error] [pid 1873:tid 1873] [client 35.90.25.129:44818] [client 35.90.25.129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mosherpit.com"] [uri "/.git/"] [unique_id "Z04yvsFutoU3qWEjAtZKywAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-12-02 22:19:56
(1 month ago)
Http Port:80 (http_status:404) - /.git/ - Agent:Mozilla/5.0 (X11; Linux x86_64)
Web App Attack