Anonymous
2024-12-03 02:42:49
(1 month ago)
Probing to gain illegal access
Web App Attack
archiv-pm
2024-12-03 02:27:59
(1 month ago)
Probing for resource vulnerabilities HTTP(S)
Web App Attack
mnsf
2024-12-03 02:03:34
(1 month ago)
Too many Status 40X (12)
Brute-Force
Web App Attack
TPI-Abuse
2024-12-03 01:38:51
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 54.244.28.210 (ec2-54-244-28-210.us-west-2.comp ... show more (mod_security) mod_security (id:210492) triggered by 54.244.28.210 (ec2-54-244-28-210.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 20:38:45.856423 2024] [security2:error] [pid 1307:tid 1307] [client 54.244.28.210:54334] [client 54.244.28.210] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.bastardesign.com"] [uri "/.git/"] [unique_id "Z05hJc2CmpOYNigiW8uGiwAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
advena
2024-12-03 01:30:56
(1 month ago)
54.244.28.210 (AS16509 AMAZON-02) was intercepted at 2024-12-03T01:23:33Z after violating WAF direct ... show more 54.244.28.210 (AS16509 AMAZON-02) was intercepted at 2024-12-03T01:23:33Z after violating WAF directive: 23548ee2b36547a1be09bb2c0550c529. Pre-cautionary/corrective action applied: block. show less
Web Spam
Hacking
Brute-Force
Web App Attack
TPI-Abuse
2024-12-03 00:51:12
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 54.244.28.210 (ec2-54-244-28-210.us-west-2.comp ... show more (mod_security) mod_security (id:210492) triggered by 54.244.28.210 (ec2-54-244-28-210.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 19:51:05.006275 2024] [security2:error] [pid 3368384:tid 3368384] [client 54.244.28.210:43170] [client 54.244.28.210] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.redeemedbaptist.church"] [uri "/.git/"] [unique_id "Z05V-UZ1r2Tea6KfuS3orAAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
Ba-Yu
2024-12-03 00:10:45
(1 month ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
TPI-Abuse
2024-12-03 00:04:55
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 54.244.28.210 (ec2-54-244-28-210.us-west-2.comp ... show more (mod_security) mod_security (id:210492) triggered by 54.244.28.210 (ec2-54-244-28-210.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 19:04:50.439185 2024] [security2:error] [pid 31567:tid 31567] [client 54.244.28.210:53072] [client 54.244.28.210] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.furballaudio.com"] [uri "/.git/"] [unique_id "Z05LIjJmm98VD53RzbNeXgAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-02 23:46:18
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 54.244.28.210 (ec2-54-244-28-210.us-west-2.comp ... show more (mod_security) mod_security (id:210492) triggered by 54.244.28.210 (ec2-54-244-28-210.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 18:46:13.378308 2024] [security2:error] [pid 3015084:tid 3015084] [client 54.244.28.210:47914] [client 54.244.28.210] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "proitlb.com.mecme.co"] [uri "/.git/"] [unique_id "Z05Gxb4UuJgX8Df6B16eEgAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-02 23:14:57
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 54.244.28.210 (ec2-54-244-28-210.us-west-2.comp ... show more (mod_security) mod_security (id:210492) triggered by 54.244.28.210 (ec2-54-244-28-210.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 18:14:50.605752 2024] [security2:error] [pid 13387:tid 13387] [client 54.244.28.210:36534] [client 54.244.28.210] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.otrantocapital.com"] [uri "/.git/"] [unique_id "Z04_arTtnMQpxn6Dc4H81wAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-02 22:58:22
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 54.244.28.210 (ec2-54-244-28-210.us-west-2.comp ... show more (mod_security) mod_security (id:210492) triggered by 54.244.28.210 (ec2-54-244-28-210.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 17:58:18.742847 2024] [security2:error] [pid 32717:tid 32717] [client 54.244.28.210:40632] [client 54.244.28.210] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.gestiofiscal.com"] [uri "/.git/"] [unique_id "Z047iipVAJQqPNJoNDNHZQAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
MSZ
2024-12-02 22:48:18
(1 month ago)
Blocked by Fail2Ban (plesk-modsecurity)
Hacking
Brute-Force
Web App Attack
TPI-Abuse
2024-12-02 22:35:45
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 54.244.28.210 (ec2-54-244-28-210.us-west-2.comp ... show more (mod_security) mod_security (id:210492) triggered by 54.244.28.210 (ec2-54-244-28-210.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 02 17:35:38.668776 2024] [security2:error] [pid 7367:tid 7367] [client 54.244.28.210:37696] [client 54.244.28.210] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.empoweruohio.org"] [uri "/.git/"] [unique_id "Z042Okv4xlPz_jOHkqY2pQAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
Burayot
2024-12-02 22:33:30
(1 month ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 54.244.28.210 (US/United States/ec2- ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 54.244.28.210 (US/United States/ec2-54-244-28-210.us-west-2.compute.amazonaws.com): 1 in the last 3600 secs show less
Web App Attack
w-e-c-l-o-u-d-i-t
2024-12-02 22:31:44
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 54.244.28.210 (US/United States/ec2-54-244-28-2 ... show more (mod_security) mod_security (id:210492) triggered by 54.244.28.210 (US/United States/ec2-54-244-28-210.us-west-2.compute.amazonaws.com): 1 in the last 600 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC show less
Brute-Force
SSH