ghostwarriors
2024-11-25 21:20:19
(1 week ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Hirte
2024-11-25 21:12:04
(1 week ago)
ABV: Web Attack GET //wp-includes/link.php
Web Spam
Hacking
Bad Web Bot
Web App Attack
Hirte
2024-11-25 13:54:13
(1 week ago)
MYH: Web Attack GET /wp-content/
Web Spam
Hacking
Bad Web Bot
Web App Attack
ghostwarriors
2024-11-25 13:50:12
(1 week ago)
Attempts against non-existent wp-login
Brute-Force
Web App Attack
mawan
2024-11-25 11:47:28
(1 week ago)
Suspected of having performed illicit activity on AMS server.
Web App Attack
Hirte
2024-11-25 09:57:28
(1 week ago)
C1: Web Attack GET /wp-content/about.php
Web Spam
Hacking
Bad Web Bot
Web App Attack
Lemmy
2024-11-22 10:16:21
(2 weeks ago)
apache-noscript
Web App Attack
TPI-Abuse
2024-11-11 09:44:21
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.234.53.251 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.234.53.251 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 11 04:44:17.353427 2024] [security2:error] [pid 7627:tid 7627] [client 104.234.53.251:35103] [client 104.234.53.251] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "otfes.com"] [uri "/.env"] [unique_id "ZzHR8YlYzQBDeLgGB_wl3AAAABM"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-10-24 09:22:37
(1 month ago)
multiple unauthorized attempts at Thu, 24 Oct 2024 02:32:46 +0000 a total of 1 times.
Brute-Force
Anonymous
2024-10-21 07:38:19
(1 month ago)
wordpress-trap
Web App Attack
oncord
2024-09-08 08:36:30
(3 months ago)
Form spam
Web Spam
Anonymous
2024-06-29 00:47:00
(5 months ago)
Ports: 20,21,25,53,80,110,143,443,465,587,993,995,2077,2078,2079,2080,2082,2083,2086,2087,2095,2096, ... show more Ports: 20,21,25,53,80,110,143,443,465,587,993,995,2077,2078,2079,2080,2082,2083,2086,2087,2095,2096,3306,2195; Direction: 0; Trigger: LF_CUSTOMTRIGGER show less
Brute-Force
SSH
uhlhosting
2024-06-28 22:56:47
(5 months ago)
highacid.com 104.234.53.251 - - [29/Jun/2024:00:54:59.240208 +0200] "GET /user.php HTTP/1.1" 403 199 ... show more highacid.com 104.234.53.251 - - [29/Jun/2024:00:54:59.240208 +0200] "GET /user.php HTTP/1.1" 403 199 "-" "-" Zn8_Q8tjhJyL0ZXTGq0eLQAAAEU "-" /apache/20240629/20240629-0054/20240629-005459-Zn8_Q8tjhJyL0ZXTGq0eLQAAAEU 0 1653 md5:b581a5055508748e6f5703ed73ed81bc
highacid.com 104.234.53.251 - - [29/Jun/2024:00:56:40.182128 +0200] "GET /crypted.php HTTP/1.1" 403 199 "-" "-" Zn8_qCWB-4EJMkXGcg3zSwAAABA "-" /apache/20240629/20240629-0056/20240629-005640-Zn8_qCWB-4EJMkXGcg3zSwAAABA 0 1658 md5:0c8de7b607ffed6079cb0c1cbe9e9974
highacid.com 104.234.53.251 - - [29/Jun/2024:00:56:42.696123 +0200] "GET /h0110w4y.php HTTP/1.1" 403 199 "-" "-" Zn8_qiWB-4EJMkXGcg3zUAAAAA4 "-" /apache/20240629/20240629-0056/20240629-005642-Zn8_qiWB-4EJMkXGcg3zUAAAAA4 0 1659 md5:66ceef4ff86ce322d1f1fa1a14c061a5
highacid.com 104.234.53.251 - - [29/Jun/2024:00:56:44.705733 +0200] "GET /alf.php HTTP/1.1" 403 199 "-" "-" Zn8_rCWB-4EJMkXGcg3zXAAAAAU "-" /apache/20240629/20240629-0056/20240629-005644-Zn8_rCWB-4EJMkXGcg3zXAA
... show less
DDoS Attack
Brute-Force
TPI-Abuse
2024-06-28 22:16:45
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 104.234.53.251 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 104.234.53.251 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 28 18:16:38.923898 2024] [security2:error] [pid 12369] [client 104.234.53.251:23703] [client 104.234.53.251] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jerielster.com"] [uri "/wp-content/plugins/wp-config.php"] [unique_id "Zn82RmAWrsKR-85PgpIZEAAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
MAGIC
2024-06-27 18:02:14
(5 months ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot