MAGIC
2023-12-24 22:06:25
(1 year ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
lavnet.net
2023-12-24 17:48:12
(1 year ago)
[Sun Dec 24 17:48:08.672672 2023] [authz_core:error] [pid 2419280] [client 45.92.229.133:54389] AH01 ... show more [Sun Dec 24 17:48:08.672672 2023] [authz_core:error] [pid 2419280] [client 45.92.229.133:54389] AH01630: client denied by server configuration: /var/www/seconcepts.com/web/themes.php, referer: http://seconcepts.com//themes.php
[Sun Dec 24 17:48:09.366364 2023] [authz_core:error] [pid 2419280] [client 45.92.229.133:54389] AH01630: client denied by server configuration: /var/www/seconcepts.com/web/about.php, referer: http://seconcepts.com//about.php
[Sun Dec 24 17:48:11.541307 2023] [authz_core:error] [pid 2419280] [client 45.92.229.133:54389] AH01630: client denied by server configuration: /var/www/seconcepts.com/web/byp.php, referer: http://seconcepts.com//byp.php
... show less
Brute-Force
Hirte
2023-12-24 12:37:57
(1 year ago)
MYH: Web Attack GET //admin/controller/extension/wpm.php
Web Spam
Hacking
Bad Web Bot
Web App Attack
Anonymous
2023-12-24 01:07:57
(1 year ago)
<comment>
Web App Attack
iNetWorker
2023-12-23 22:13:21
(1 year ago)
trolling for resource vulnerabilities
Web App Attack
DAILYKANBAN.COM
2023-12-23 20:54:56
(1 year ago)
(mod_security) mod_security (id:1000001) triggered by 45.92.229.133 (US/United States/-): 2 in the l ... show more (mod_security) mod_security (id:1000001) triggered by 45.92.229.133 (US/United States/-): 2 in the last 600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Sat Dec 23 20:54:53.495552 2023] [security2:error] [pid 729117:tid 23302139533056] [client 45.92.229.133:11245] [client 45.92.229.133] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/default.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "9"] [id "1000001"] [msg "Restricted File Probe"] [data "Matched Data: /default.php found within REQUEST_URI"] [severity "CRITICAL"] [tag "paranoia-level/2"] [hostname "andy.dailykanban.com"] [uri "/default.php"] [unique_id "ZYdJHYtgdaYZ1_N4ySnqUwAAAJg"]
[Sat Dec 23 20:54:55.867146 2023] [security2:error] [pid 729117:tid 23302139533056] [client 45.92.229.133:11245] [client 45.92.229.133] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/xx.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "9 show less
Web App Attack
Anonymous
2023-12-23 11:52:15
(1 year ago)
Malicious activity detected
Bot disrespecting robots.txt
Bad Web Bot
CryptoYakari
2023-12-20 18:57:49
(1 year ago)
45.92.229.133 - - [20/Dec/2023:21:57:37 +0300] "GET /wp-content/uploads/ HTTP/1.0" 404 27545 "http:/ ... show more 45.92.229.133 - - [20/Dec/2023:21:57:37 +0300] "GET /wp-content/uploads/ HTTP/1.0" 404 27545 "http://robostopia.com/wp-content/uploads/" "Go-http-client/2.0"
45.92.229.133 - - [20/Dec/2023:21:57:38 +0300] "GET /wp-content/plugins/ HTTP/1.0" 404 27545 "http://robostopia.com/wp-content/plugins/" "Go-http-client/2.0"
45.92.229.133 - - [20/Dec/2023:21:57:39 +0300] "GET /wp-admin/admin-ajax.php HTTP/1.0" 404 27587 "http://robostopia.com/wp-admin/admin-ajax.php" "Go-http-client/2.0"
45.92.229.133 - - [20/Dec/2023:21:57:42 +0300] "GET /wp-content/themes/twenty/twenty.php HTTP/1.0" 404 27721 "http://robostopia.com/wp-content/themes/twenty/twenty.php" "Go-http-client/2.0"
45.92.229.133 - - [20/Dec/2023:21:57:46 +0300] "GET /wp-content/patior/ HTTP/1.0" 404 27534 "http://robostopia.com/wp-content/patior/" "Go-http-client/2.0"
... show less
Web Spam
Blog Spam
Bad Web Bot
Web App Attack
Rizzy
2023-12-20 04:40:52
(1 year ago)
Multiple WAF Violations
Brute-Force
Web App Attack
myagent.site
2023-12-19 18:57:37
(1 year ago)
Blocking for trying to access an exploit file: //upload.php
Hacking
mnsf
2023-12-19 12:04:31
(1 year ago)
Too many Status 40X (98)
Request Overload (102)
Brute-Force
Web App Attack
Anonymous
2023-12-11 11:03:03
(1 year ago)
Excessive crawling/scraping
Hacking
Brute-Force
unifr
2023-10-20 12:43:09
(1 year ago)
Unauthorized IMAP connection attempt
Brute-Force
ThreatBook.io
2023-09-27 22:31:57
(1 year ago)
ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/45.92.229.133
20 ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/45.92.229.133
2023-09-27 20:31:57 /sources/.env,{"body":"0x%5B%5D=androxgh0st","content_type":"application/x-www-form-urlencoded","header":{"Accept":["*/*"],"Accept-Encoding":["gzip, deflate"],"Connection":["keep-alive"],"Content-Length":["20"],"Content-Type":["application/x-www-form-urlencoded"],"User-Agent":["Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"]},"host":"154.8.202.195","method":"POST","proto":"HTTP/1.1","remote_addr":"45.92.229.133:59873","status_code":200,"url":"/sources/.env","user_agent":"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0"}
2023-09-27 22:47:44 /enviroments/.env.production show less
Web App Attack
Ba-Yu
2023-08-25 05:49:13
(1 year ago)
WordPress hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack