jormaster3k
2024-12-01 06:41:23
(1 week ago)
Attack against Apache (too many 404s)
Web App Attack
TPI-Abuse
2024-11-30 20:48:24
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 77.78.224.15 (cable-77-78-224-15.dynamic.telema ... show more (mod_security) mod_security (id:210492) triggered by 77.78.224.15 (cable-77-78-224-15.dynamic.telemach.ba): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 15:48:16.836960 2024] [security2:error] [pid 26207:tid 26207] [client 77.78.224.15:49039] [client 77.78.224.15] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web-dojo.info"] [uri "/.git/config"] [unique_id "Z0t6EFhtUyJpMrZltpzEjgAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
sefinek.net
2024-11-30 20:40:03
(1 week ago)
Triggered Cloudflare WAF (firewallCustom) from BA.
Action taken: BLOCK
ASN: 42560 (BA-TE ... show more Triggered Cloudflare WAF (firewallCustom) from BA.
Action taken: BLOCK
ASN: 42560 (BA-TELEMACH-AS Telemach d.o.o. Sarajevo)
Protocol: HTTP/1.1 (GET method)
Zone: sefinek.net
Endpoint: /.git/config
Timestamp: 2024-11-30T19:09:51Z
Ray ID: 8ead225c5e6f3247
UA: Mozilla/5.0
Report generated by Cloudflare-WAF-To-AbuseIPDB:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less
Bad Web Bot
tmiland
2024-11-30 20:13:43
(1 week ago)
(nginx_404) Dot directory Honeypot Trap 77.78.224.15 (BA/Bosnia and Herzegovina/cable-77-78-224-15.d ... show more (nginx_404) Dot directory Honeypot Trap 77.78.224.15 (BA/Bosnia and Herzegovina/cable-77-78-224-15.dynamic.telemach.ba): 2 in the last 3600 secs show less
Brute-Force
Bad Web Bot
thedreamer.nl
2024-11-30 20:07:40
(1 week ago)
77.78.224.15 - - [30/Nov/2024:21:07:39 +0100] "GET /.git/config HTTP/1.1" 200 2213 "-" "Mozilla/5.0" ... show more 77.78.224.15 - - [30/Nov/2024:21:07:39 +0100] "GET /.git/config HTTP/1.1" 200 2213 "-" "Mozilla/5.0" "BA" "Sarajevo" "43.84530" "18.35920"
77.78.224.15 - - [30/Nov/2024:21:07:39 +0100] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0" "BA" "Sarajevo" "43.84530" "18.35920"
77.78.224.15 - - [30/Nov/2024:21:07:40 +0100] "GET /.git/config HTTP/1.1" 200 2213 "-" "Mozilla/5.0" "BA" "Sarajevo" "43.84530" "18.35920"
... show less
Hacking
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-30 19:06:20
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 77.78.224.15 (cable-77-78-224-15.dynamic.telema ... show more (mod_security) mod_security (id:210492) triggered by 77.78.224.15 (cable-77-78-224-15.dynamic.telemach.ba): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 14:06:13.264405 2024] [security2:error] [pid 14178:tid 14178] [client 77.78.224.15:51393] [client 77.78.224.15] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scadco.com"] [uri "/.git/config"] [unique_id "Z0tiJbZWiMUWJAzwcw0ShgAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
rdpguard.com
2024-11-30 18:49:36
(1 week ago)
RdpGuard detected brute-force attempt on HTTP
Brute-Force
mashamal
2024-11-30 18:30:49
(1 week ago)
Vulnerability Probe
...
Web App Attack
TPI-Abuse
2024-11-30 16:58:33
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 77.78.224.15 (cable-77-78-224-15.dynamic.telema ... show more (mod_security) mod_security (id:210492) triggered by 77.78.224.15 (cable-77-78-224-15.dynamic.telemach.ba): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 11:58:27.491324 2024] [security2:error] [pid 1608:tid 1608] [client 77.78.224.15:49220] [client 77.78.224.15] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "learningbyshipping.com"] [uri "/.git/config"] [unique_id "Z0tEM1WvqHI1a5l6yuTMrwAAABQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-11-30 15:36:50
(1 week ago)
77.78.224.15 - - [30/Nov/2024:16:36:49 +0100] "GET /.git/config HTTP/1.1" 200 12033 "-" "Mozilla/5.0 ... show more 77.78.224.15 - - [30/Nov/2024:16:36:49 +0100] "GET /.git/config HTTP/1.1" 200 12033 "-" "Mozilla/5.0"
77.78.224.15 - - [30/Nov/2024:16:36:49 +0100] "GET /.git/config HTTP/1.1" 200 12033 "-" "Mozilla/5.0"
77.78.224.15 - - [30/Nov/2024:16:36:49 +0100] "GET /.git/config HTTP/1.1" 200 12033 "-" "Mozilla/5.0" show less
Web App Attack
FeG Deutschland
2024-11-30 15:28:02
(1 week ago)
Looking for CMS/PHP/SQL vulnerablilities - 12345671011
Exploited Host
Web App Attack
jasperedv.de
2024-11-30 15:25:28
(1 week ago)
Apache Login - Brutforcing
Brute-Force
Web App Attack
TheMadBeaker
2024-11-30 15:23:35
(1 week ago)
Fail2Ban Ban Triggered
HTTP Exploit Attempt
Brute-Force
Web App Attack
TPI-Abuse
2024-11-30 15:07:55
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 77.78.224.15 (cable-77-78-224-15.dynamic.telema ... show more (mod_security) mod_security (id:210492) triggered by 77.78.224.15 (cable-77-78-224-15.dynamic.telemach.ba): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 10:07:47.511774 2024] [security2:error] [pid 22946:tid 22946] [client 77.78.224.15:48709] [client 77.78.224.15] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "easy2surf.com"] [uri "/.git/config"] [unique_id "Z0sqQ2aPCzP4TdVjpruP1wAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
w-e-c-l-o-u-d-i-t
2024-11-30 14:01:34
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 77.78.224.15 (BA/Bosnia and Herzegovina/cable-7 ... show more (mod_security) mod_security (id:210492) triggered by 77.78.224.15 (BA/Bosnia and Herzegovina/cable-77-78-224-15.dynamic.telemach.ba): 1 in the last 300 secs; Ports: *; Direction: 0; Trigger: LF_MODSEC show less
Brute-Force
SSH