π¦πΊ
MAGIC
2026-06-13 00:22:39
(3 days ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
2026-06-10 11:47:48
(6 days ago)
Malicious activity detected
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-10 06:15:13
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 193.56.20.79 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 193.56.20.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 02:15:01.234049 2026] [security2:error] [pid 555:tid 555] [client 193.56.20.79:19037] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cain2012.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cain2012.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aikA5YWez8M0xVTP3qNncgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¬π·
Staging
2026-06-05 07:03:00
(1 week ago)
one of the worst and dangerous ASNs
Bad Web Bot
π²πΉ
Malta
2026-06-04 14:19:11
(1 week ago)
193.56.20.79 - - [04/Jun/2026:16:19:11 +0200] "GET /wp-json/wp/v2/users HTTP/1.1" "Mozilla/5.0 (X11; ...
show more
193.56.20.79 - - [04/Jun/2026:16:19:11 +0200] "GET /wp-json/wp/v2/users HTTP/1.1" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
show less
Hacking
Web App Attack
VPN IP
πΊπΈ
TPI-Abuse
2026-05-24 08:38:21
(3 weeks ago)
(mod_security) mod_security (id:225170) triggered by 193.56.20.79 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 193.56.20.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 04:38:17.537689 2026] [security2:error] [pid 12705:tid 12705] [client 193.56.20.79:59375] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||jolankagroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahK4-VCfx7gK02HB10jN5AAAAAg"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
ChamberofCommerce.com
2025-11-06 23:55:58
(7 months ago)
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ...
show more
Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226
show less
Bad Web Bot
πΊπΈ
[email protected]
2025-10-27 00:06:50
(7 months ago)
Fail2Ban jail apache-json-scanners detected activity on 2025-10-27T00:06:50Z
Brute-Force
πΊπΈ
TPI-Abuse
2025-05-14 01:57:08
(1 year ago)
(mod_security) mod_security (id:210831) triggered by 193.56.20.79 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210831) triggered by 193.56.20.79 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 13 21:56:59.582700 2025] [security2:error] [pid 2277151:tid 2277151] [client 193.56.20.79:9695] [client 193.56.20.79] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||backstore.com|F|4"] [data "a href="] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "backstore.com"] [uri "/webalizer/usage_202505.html"] [unique_id "aCP4a_jCOPkIF_LTyJRq1wAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π·πΊ
sms.ru
2024-09-30 09:05:04
(1 year ago)
SMS pumping attack from foreign country
DDoS Attack
π©πͺ
trbs
2024-05-03 08:48:00
(2 years ago)
ws
Web Spam
π¬π§
essinghigh
2024-04-30 11:44:44
(2 years ago)
1714477483 # Service_probe # SIGNATURE_SEND # source_ip:193.56.20.79 # dst_port:5607
...
Port Scan