TPI-Abuse
2024-12-03 02:22:32
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.90.154.163 (ec2-52-90-154-163.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 52.90.154.163 (ec2-52-90-154-163.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 21:22:24.971752 2024] [security2:error] [pid 25022:tid 25022] [client 52.90.154.163:37690] [client 52.90.154.163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mitchellfabrication.mitchellamazing.com"] [uri "/.git/"] [unique_id "Z05rYMCbvFbRhM6sBpHHPQAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
mnsf
2024-12-03 02:05:12
(1 month ago)
Too many Status 40X (11)
Brute-Force
Web App Attack
Burayot
2024-12-03 01:45:46
(1 month ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 52.90.154.163 (US/United States/ec2- ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 52.90.154.163 (US/United States/ec2-52-90-154-163.compute-1.amazonaws.com): 1 in the last 3600 secs show less
Web App Attack
w-e-c-l-o-u-d-i-t
2024-12-02 23:52:52
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.90.154.163 (US/United States/ec2-52-90-154-1 ... show more (mod_security) mod_security (id:210492) triggered by 52.90.154.163 (US/United States/ec2-52-90-154-163.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 0; Trigger: LF_MODSEC show less
Brute-Force
SSH
TPI-Abuse
2024-12-02 23:46:43
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.90.154.163 (ec2-52-90-154-163.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 52.90.154.163 (ec2-52-90-154-163.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 18:46:40.371091 2024] [security2:error] [pid 1500:tid 1500] [client 52.90.154.163:54366] [client 52.90.154.163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.zydecajun.radio.fm"] [uri "/.git/"] [unique_id "Z05G4GzDQzCy986BC9oT3gAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-02 23:31:12
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.90.154.163 (ec2-52-90-154-163.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 52.90.154.163 (ec2-52-90-154-163.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 18:31:06.778272 2024] [security2:error] [pid 15116:tid 15116] [client 52.90.154.163:36288] [client 52.90.154.163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.judgehall.com"] [uri "/.git/"] [unique_id "Z05DOqYQB748u-ihVbGmaAAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-02 23:15:40
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.90.154.163 (ec2-52-90-154-163.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 52.90.154.163 (ec2-52-90-154-163.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 18:15:32.987649 2024] [security2:error] [pid 23891:tid 23891] [client 52.90.154.163:49892] [client 52.90.154.163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web244.dnchosting.com"] [uri "/.git/"] [unique_id "Z04_lHPEu_nS9gVIjODZIwAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
FeG Deutschland
2024-12-02 23:10:47
(1 month ago)
Looking for CMS/PHP/SQL vulnerablilities - 13
Exploited Host
Web App Attack
MAGIC
2024-12-02 23:00:20
(1 month ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
TPI-Abuse
2024-12-02 22:59:43
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.90.154.163 (ec2-52-90-154-163.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 52.90.154.163 (ec2-52-90-154-163.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 17:59:37.905987 2024] [security2:error] [pid 9016:tid 9016] [client 52.90.154.163:40538] [client 52.90.154.163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.thebeesgold.garyrankin.com"] [uri "/.git/"] [unique_id "Z0472RLeyHSSxcALJf1pMwAAABM"] show less
Brute-Force
Bad Web Bot
Web App Attack
MSZ
2024-12-02 22:32:18
(1 month ago)
Blocked by Fail2Ban (plesk-modsecurity)
Hacking
Brute-Force
Web App Attack
TPI-Abuse
2024-12-02 22:22:32
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.90.154.163 (ec2-52-90-154-163.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 52.90.154.163 (ec2-52-90-154-163.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 17:22:22.948698 2024] [security2:error] [pid 6703:tid 6703] [client 52.90.154.163:48218] [client 52.90.154.163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.roselockecasting.com"] [uri "/.git/"] [unique_id "Z04zHo6VSvlS0amEkRrcSAAAABc"] show less
Brute-Force
Bad Web Bot
Web App Attack
GoodOldTOS
2024-12-02 22:13:04
(1 month ago)
Bad keywords detected in request: /.git
Web App Attack
TPI-Abuse
2024-12-02 22:06:00
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.90.154.163 (ec2-52-90-154-163.compute-1.amaz ... show more (mod_security) mod_security (id:210492) triggered by 52.90.154.163 (ec2-52-90-154-163.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 17:05:55.298319 2024] [security2:error] [pid 4136:tid 4136] [client 52.90.154.163:42456] [client 52.90.154.163] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.vrooble.com"] [uri "/.git/"] [unique_id "Z04vQzKrF5GykvF7eqQcxQAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack