|
๐ฌ๐ง
Philip Bradley
|
|
""
|
Hacking
|
|
|
๐ฒ๐พ
Rizzy
|
|
Multiple WAF Violations
|
Brute-Force
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 84.54.51.68 (hosted-by.pfcloud.io): 1 in the la ...
show more
(mod_security) mod_security (id:210492) triggered by 84.54.51.68 (hosted-by.pfcloud.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 24 22:40:44.054223 2024] [security2:error] [pid 10176:tid 10176] [client 84.54.51.68:41152] [client 84.54.51.68] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "etemcolak.com"] [uri "/wp-config.php~"] [unique_id "ZqG7LF_MC1JnJVjNHNs-BwAAAAY"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฆ๐บ
oncord
|
|
Form spam
|
Web Spam
|
|
|
๐ฆ๐บ
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:212620) triggered by 84.54.51.68 (hosted-by.pfcloud.io): 1 in the la ...
show more
(mod_security) mod_security (id:212620) triggered by 84.54.51.68 (hosted-by.pfcloud.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 22 18:17:01.845150 2024] [security2:error] [pid 20383:tid 20443] [client 84.54.51.68:35748] [client 84.54.51.68] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||gamecrazy.us|F|2"] [data "Matched Data: <script found within REQUEST_URI: /index.php?action=\\x22><script>alert(string.fromcharcode(88,83,83))</script>&fileid=2210"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "gamecrazy.us"] [uri "/index.php"] [unique_id "Zp7aXamb7C345EAK6_bslwAAAJQ"], referer: http://gamecrazy.us/index.php?action="><script >alert(String.fromCharCode(88,83,83))</script>&fileid=2210
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 84.54.51.68 (hosted-by.pfcloud.io): 1 in the la ...
show more
(mod_security) mod_security (id:210492) triggered by 84.54.51.68 (hosted-by.pfcloud.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 22 03:20:59.757151 2024] [security2:error] [pid 12522:tid 12522] [client 84.54.51.68:42318] [client 84.54.51.68] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crr-construction.com"] [uri "/wp-config.php.bak"] [unique_id "Zp4IWxRRI4nEHWK-4ZTP-gAAAAo"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ช
OiledAmoeba
|
|
84.54.51.68 - - [21/Jul/2024:19:38:49 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php HTTP/1.1" 200 237 ...
show more
84.54.51.68 - - [21/Jul/2024:19:38:49 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php HTTP/1.1" 200 237 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36" "-" 0.625 "-"
84.54.51.68 - - [21/Jul/2024:19:38:50 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php HTTP/1.1" 200 235 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36" "-" 0.564 "-"
84.54.51.68 - - [21/Jul/2024:19:38:51 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php HTTP/1.1" 200 271 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36" "-" 0.540 "-"
84.54.51.68 - - [21/Jul/2024:19:38:52 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php HTTP/1.1" 403 0 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36" "-" 0.555 "-"
84.54.51.68 - - [21/Jul/2024:19:38:52 +0200] "www.ruhnke.cloud
...
show less
|
Brute-Force
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 84.54.51.68 (hosted-by.pfcloud.io): 1 in the la ...
show more
(mod_security) mod_security (id:210492) triggered by 84.54.51.68 (hosted-by.pfcloud.io): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 20 13:25:51.645960 2024] [security2:error] [pid 25389:tid 25393] [client 84.54.51.68:42692] [client 84.54.51.68] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maryschalkdesign.com"] [uri "/wp-config.phpa"] [unique_id "ZpvzH87EO1bc49xB1-5_WgAAAME"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ณ๐ฑ
Linuxmalwarehuntingnl
|
|
Honeypot HIT
|
Brute-Force
|
|
|
๐ณ๐ฑ
Linuxmalwarehuntingnl
|
|
Unauthorized connection attempt
|
Brute-Force
|
|
|
๐ณ๐ฑ
Linuxmalwarehuntingnl
|
|
Honeypot HIT
|
Brute-Force
|
|
|
๐ฉ๐ช
niceshops.com
|
|
Large amount of http-requests in short time ([19/Jun/2024:13:55:08.902] )
|
Bad Web Bot
|
|
|
๐ฆ๐บ
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
|
๐ฉ๐ช
NxtGenIT
|
|
84.54.51.68 has been observed attacking Port 1812. Observed Threat: RADIUS Login Brute Force Attempt
|
Brute-Force
|
|