MAGIC
2024-08-27 19:04:50
(2 weeks ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2024-08-12 18:13:04
(1 month ago)
Malicious activity detected
Hacking
Web App Attack
TPI-Abuse
2024-08-07 14:44:13
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 91.243.89.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 91.243.89.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 07 10:44:05.170934 2024] [security2:error] [pid 26571:tid 26571] [client 91.243.89.49:11197] [client 91.243.89.49] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vitalitywebb.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Steelcase/pics/Cobi/Thumbs.db"] [unique_id "ZrOINY5cspAkjFpZN4he-QAAABQ"], referer: https://vitalitywebb.com/backstore/Steelcase/pics/Cobi/ show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-05-30 02:00:38
(3 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-05-14 13:03:47
(4 months ago)
Malicious activity detected
Hacking
Web App Attack
TPI-Abuse
2024-05-12 14:00:47
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 91.243.89.49 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 91.243.89.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 12 10:00:42.009816 2024] [security2:error] [pid 6640] [client 91.243.89.49:37853] [client 91.243.89.49] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||advantagesystemsgroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "advantagesystemsgroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZkDLikhYnwBDgM5eMvdCvgAAAAg"], referer: https://www.google.com show less
Brute-Force
Bad Web Bot
Web App Attack
backslash
2024-04-12 09:54:43
(5 months ago)
honeypot
Bad Web Bot
10dencehispahard SL
2024-03-29 10:00:56
(5 months ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
www.narsol.org
2023-09-18 11:49:15
(11 months ago)
Sep 18 07:49:13 do1 wordpress(narsol.org)[971781]: Authentication attempt for unknown user admin1234 ... show more Sep 18 07:49:13 do1 wordpress(narsol.org)[971781]: Authentication attempt for unknown user admin1234 from 91.243.89.49
Sep 18 07:49:14 do1 wordpress(narsol.org)[2274245]: Authentication attempt for unknown user admin1234 from 91.243.89.49
... show less
DDoS Attack
Web App Attack
www.narsol.org
2023-09-18 11:29:34
(11 months ago)
Sep 18 07:29:32 do1 wordpress(narsol.org)[2274245]: Authentication attempt for unknown user media fr ... show more Sep 18 07:29:32 do1 wordpress(narsol.org)[2274245]: Authentication attempt for unknown user media from 91.243.89.49
Sep 18 07:29:33 do1 wordpress(narsol.org)[971781]: Authentication attempt for unknown user media from 91.243.89.49
... show less
DDoS Attack
Web App Attack
backslash
2023-06-30 07:37:34
(1 year ago)
Bad Web Bot