Vegascosmetics
2025-01-22 22:50:51
(2 weeks ago)
Kingcopy(AI-IDS): IP is wandering around the site and acting suspiciously.
Bad Web Bot
oh.mg
2025-01-22 14:23:14
(2 weeks ago)
[Wed Jan 22 15:23:14.051600 2025] [security2:error] [pid 1160348:tid 1160366] [client 13.39.156.41:5 ... show more [Wed Jan 22 15:23:14.051600 2025] [security2:error] [pid 1160348:tid 1160366] [client 13.39.156.41:58670] [client 13.39.156.41] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "www.mmn.on.ca"] [uri "/heh.php"] [unique_id "Z5D_UgL_OlsS1JEI2pOAGAAAAI8"], referer: www.google.com
... show less
Bad Web Bot
Web App Attack
paissangroup
2025-01-22 11:17:15
(2 weeks ago)
Multiple WAF Violations
Web App Attack
Cloudkul Cloudkul
2025-01-22 09:25:07
(2 weeks ago)
Attempted Not Found (404 status code) requests on our application, more than 30% of their total requ ... show more Attempted Not Found (404 status code) requests on our application, more than 30% of their total requests. show less
Brute-Force
Web App Attack
Abuse Reporting
2025-01-22 08:55:09
(2 weeks ago)
Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-content/plugins/view-more/i ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-content/plugins/view-more/ioxi.php - User Agent: N/A - Timestamp: 1/22/2025 8:55 am (UTC-6) show less
Web Spam
Hacking
Bad Web Bot
Web App Attack
antlac1
2025-01-22 08:03:46
(2 weeks ago)
crowdsecurity/http-bad-user-agent
Brute-Force
Web App Attack
Database.red
2025-01-22 06:30:45
(2 weeks ago)
[2025-01-22 01:30:45] Exploit probing - /wp-content/plugins/view-more/ioxi.php
Hacking
Brute-Force
Web App Attack
quicksand
2025-01-22 06:09:38
(2 weeks ago)
Malicious URI path & Amazon AWS User Agent Spoofing [GET /wp-content/plugins/view-more/ioxi.php] [Mo ... show more Malicious URI path & Amazon AWS User Agent Spoofing [GET /wp-content/plugins/view-more/ioxi.php] [Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36] show less
Bad Web Bot
Web App Attack
Mendip_Defender
2025-01-22 04:43:02
(2 weeks ago)
13.39.156.41 - - [22/Jan/2025:04:42:38 +0000] "GET /wp-content/plugins/view-more/ioxi.php HTTP/1.0" ... show more 13.39.156.41 - - [22/Jan/2025:04:42:38 +0000] "GET /wp-content/plugins/view-more/ioxi.php HTTP/1.0" 404 971 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
13.39.156.41 - - [22/Jan/2025:04:43:05 +0000] "GET /wp-content/plugins/erinyani/baxa1.php7 HTTP/1.0" 404 971 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
... show less
Hacking
Web App Attack
dusfor72
2025-01-22 04:14:43
(2 weeks ago)
stupid access attempts on non-existant files
...
Brute-Force
Web App Attack
clapper
2025-01-22 01:47:36
(2 weeks ago)
(mod_security) mod_security (id:980001) triggered by 13.39.156.41 (FR/France/ec2-13-39-156-41.eu-wes ... show more (mod_security) mod_security (id:980001) triggered by 13.39.156.41 (FR/France/ec2-13-39-156-41.eu-west-3.compute.amazonaws.com): 3 in the last 3600 secs; ID: LUC show less
Brute-Force
Bad Web Bot
Anonymous
2025-01-22 01:42:11
(2 weeks ago)
Automated report (2025-01-22T01:42:11+00:00). User agent cited by various attack tools, rootkits, ba ... show more Automated report (2025-01-22T01:42:11+00:00). User agent cited by various attack tools, rootkits, backdoors, webshells, and malware detected. show less
Hacking
Bad Web Bot
Exploited Host
Web App Attack
Anonymous
2025-01-22 01:41:35
(2 weeks ago)
Automated report (2025-01-22T01:41:35+00:00). User agent cited by various attack tools, rootkits, ba ... show more Automated report (2025-01-22T01:41:35+00:00). User agent cited by various attack tools, rootkits, backdoors, webshells, and malware detected. show less
Hacking
Bad Web Bot
Exploited Host
Web App Attack
mawan
2025-01-22 01:13:13
(2 weeks ago)
Suspected of having performed illicit activity on AMS server.
Web App Attack
Epimetheus
2025-01-22 00:44:59
(2 weeks ago)
Unauthorized access attempts:
From:
13.39.156.41
Method:
HTT ... show more Unauthorized access attempts:
From:
13.39.156.41
Method:
HTTP GET
URI Path:
/heh.php
UA:
"Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" show less
Web App Attack