geot
2024-11-30 18:11:10
(2 days ago)
POST /_ignition/execute-solution HTTP/1.1
Bad Web Bot
Web App Attack
kumiko
2024-11-29 22:33:17
(2 days ago)
[2024-11-29 22:33:17] User-Agent Spoofing (6 unique User-Agent strings from the same IP address with ... show more [2024-11-29 22:33:17] User-Agent Spoofing (6 unique User-Agent strings from the same IP address within 2 seconds) show less
Bad Web Bot
SpookReportUBro
2024-11-29 22:20:01
(2 days ago)
Failed login attempt detected by Fail2Ban in plesk-apache jail
Web App Attack
mirekdusin
2024-11-29 19:41:46
(3 days ago)
ModSecurity detection - Rules: 933140(PHP Injection Attack: I/O Stream Found), Type: PHP Injection A ... show more ModSecurity detection - Rules: 933140(PHP Injection Attack: I/O Stream Found), Type: PHP Injection Attack: I/O Stream Found show less
Web App Attack
findlab
2024-11-29 17:20:05
(3 days ago)
Backdrop CMS module - malicious activity detected
Bad Web Bot
Web App Attack
Anonymous
2024-11-29 16:03:32
(3 days ago)
Malicious activity detected
Hacking
Web App Attack
SCHAPPY
2024-11-29 16:02:26
(3 days ago)
Critical web app attack detected. Remote Command Execution: Windows Command Injection
Web App Attack
theEngineer
2024-11-29 15:55:06
(3 days ago)
[15:55:05] 4*: Exploit attempt against non-existent file - /_ignition/execute-solution (Repeat abuse ... show more [15:55:05] 4*: Exploit attempt against non-existent file - /_ignition/execute-solution (Repeat abuser, 24 other attacks previously recorded.) show less
Hacking
Bad Web Bot
Web App Attack
MWA SOC
2024-11-29 14:55:47
(3 days ago)
Hacking
Not Fake
2024-11-29 14:32:47
(3 days ago)
$f2bV_matches
Web App Attack
Roper123
2024-11-29 13:55:00
(3 days ago)
Web app exploits
Web App Attack
Bay13
2024-11-29 12:54:31
(3 days ago)
f2b http-redirect
Hacking
Web App Attack
theEngineer
2024-11-29 10:19:41
(3 days ago)
[10:19:40] 4*: Exploit attempt against non-existent file - /_ignition/execute-solution (Repeat abuse ... show more [10:19:40] 4*: Exploit attempt against non-existent file - /_ignition/execute-solution (Repeat abuser, 7 other attacks previously recorded.) show less
Hacking
Bad Web Bot
Web App Attack
kumiko
2024-11-29 08:57:59
(3 days ago)
[2024-11-29 08:57:59] User-Agent Spoofing (6 unique User-Agent strings from the same IP address with ... show more [2024-11-29 08:57:59] User-Agent Spoofing (6 unique User-Agent strings from the same IP address within 6 seconds) show less
Bad Web Bot
thefoofighter
2024-11-29 07:57:56
(3 days ago)
[Fri Nov 29 07:57:55.522957 2024] [:error] [pid 3919578] [client 165.232.184.115:60494] [client 165. ... show more [Fri Nov 29 07:57:55.522957 2024] [:error] [pid 3919578] [client 165.232.184.115:60494] [client 165.232.184.115] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 13)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.sarahmcnally.com"] [uri "/_ignition/execute-solution"] [unique_id "Z0l0A0F0jAshXRWdld6veAAAAAM"]
[Fri Nov 29 07:57:56.354749 2024] [:error] [pid 3919586] [client 165.232.184.115:60504] [client 165.232.184.115] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 13)"] [severi
... show less
Bad Web Bot
Web App Attack