Anonymous
2024-12-08 01:45:24
(23 hours ago)
Excessive crawling/scraping
Hacking
Brute-Force
Anonymous
2024-12-07 00:33:14
(2 days ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
rh24
2024-12-07 00:05:33
(2 days ago)
(apache-useragents) Failed apache-useragents trigger with match [redacted] from 54.36.149.94 (FR/Fra ... show more (apache-useragents) Failed apache-useragents trigger with match [redacted] from 54.36.149.94 (FR/France/hydrogen350-ext2.a.ahrefs.com) show less
Bad Web Bot
INTEQ
2024-12-06 00:09:58
(3 days ago)
Web attack from 54.36.149.94
Web App Attack
Anonymous
2024-12-05 00:13:13
(4 days ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-12-01 07:35:36
(1 week ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Mendip_Defender
2024-11-30 04:17:31
(1 week ago)
54.36.149.94 - - [30/Nov/2024:04:17:42 +0000] "GET /index.php/category/19 HTTP/1.0" 200 10804 "-" "M ... show more 54.36.149.94 - - [30/Nov/2024:04:17:42 +0000] "GET /index.php/category/19 HTTP/1.0" 200 10804 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)"
... show less
Bad Web Bot
selahattinalan
2024-11-29 16:20:26
(1 week ago)
54.36.149.94 - - [29/Nov/2024:19:20:25 +0300] "GET /index.php/ijces/citationstylelanguage/get/turabi ... show more 54.36.149.94 - - [29/Nov/2024:19:20:25 +0300] "GET /index.php/ijces/citationstylelanguage/get/turabian-fullnote-bibliography?submissionId=48&publicationId=50&issueId=6 HTTP/2.0" 200 442 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)" show less
Brute-Force
Anonymous
2024-11-27 10:17:39
(1 week ago)
Excessive crawling/scraping
Hacking
Brute-Force
TPI-Abuse
2024-11-26 19:18:03
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 54.36.149.94 (hydrogen350-ext2.a.ahrefs.com): 1 ... show more (mod_security) mod_security (id:210730) triggered by 54.36.149.94 (hydrogen350-ext2.a.ahrefs.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 26 14:17:58.485595 2024] [security2:error] [pid 21856:tid 21856] [client 54.36.149.94:56085] [client 54.36.149.94] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||justinrudd.com|F|2"] [data ".bonpetsupply.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "justinrudd.com"] [uri "/www.bonpetsupply.com"] [unique_id "Z0Ye5hcPwfLr63U-zxgTZwAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-23 04:55:46
(2 weeks ago)
(mod_security) mod_security (id:217291) triggered by 54.36.149.94 (hydrogen350-ext2.a.ahrefs.com): 1 ... show more (mod_security) mod_security (id:217291) triggered by 54.36.149.94 (hydrogen350-ext2.a.ahrefs.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 22 23:55:40.017932 2024] [security2:error] [pid 11708:tid 11708] [client 54.36.149.94:27659] [client 54.36.149.94] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(\\\\n|\\\\r)" at ARGS_NAMES:\\r fromwhere. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "145"] [id "217291"] [rev "2"] [msg "HTTP Header Injection Attack via payload (CR/LF detected)||kingscruff.com|F|2"] [data "Matched Data: \\x0d found within ARGS_NAMES:\\x5cr fromwhere: \\x0d fromwhere"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "kingscruff.com"] [uri "/g12terms.php"] [unique_id "Z0FgTGmzTTYynpF6mSIFywAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
Mendip_Defender
2024-11-22 11:20:12
(2 weeks ago)
54.36.149.94 - - [22/Nov/2024:11:20:23 +0000] "GET /robots.txt HTTP/1.0" 304 792 "-" "Mozilla/5.0 (c ... show more 54.36.149.94 - - [22/Nov/2024:11:20:23 +0000] "GET /robots.txt HTTP/1.0" 304 792 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)"
... show less
Bad Web Bot
Anonymous
2024-11-20 03:08:26
(2 weeks ago)
Excessive crawling/scraping
Hacking
Brute-Force
selahattinalan
2024-11-19 14:06:36
(2 weeks ago)
54.36.149.94 - - [19/Nov/2024:17:06:35 +0300] "GET /fotograflar/pages/image/imagepage10.html HTTP/2. ... show more 54.36.149.94 - - [19/Nov/2024:17:06:35 +0300] "GET /fotograflar/pages/image/imagepage10.html HTTP/2.0" 200 1234 "-" "Mozilla/5.0 (compatible; AhrefsBot/7.0; +http://ahrefs.com/robot/)" show less
Brute-Force
Anonymous
2024-11-16 12:42:19
(3 weeks ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH