๐ต๐น
lusonode.com
2024-04-03 14:00:37
(2 years ago)
[LN-SOC] Port Scanning / HTTP Bot Scan
Web Spam
Port Scan
๐ฌ๐ง
Apache
2024-03-21 21:20:44
(2 years ago)
(mod_security) mod_security (id:218500) triggered by 91.92.252.166 (BG/Bulgaria/-): 5 in the last 30 ...
show more
(mod_security) mod_security (id:218500) triggered by 91.92.252.166 (BG/Bulgaria/-): 5 in the last 300 secs
show less
Brute-Force
Web App Attack
๐ฌ๐ง
Steve Berrill
2024-03-19 10:37:00
(2 years ago)
91.92.252.166
Web App Attack
๐ฉ๐ช
bsoft.de
2024-02-25 23:36:04
(2 years ago)
91.92.252.166 - - [25/Feb/2024:23:55:59 +0100] "GET /wp-login.php?action=register HTTP/1.1" 404 8248 ...
show more
91.92.252.166 - - [25/Feb/2024:23:55:59 +0100] "GET /wp-login.php?action=register HTTP/1.1" 404 82489 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
91.92.252.166 - - [26/Feb/2024:00:01:05 +0100] "GET /wp-login.php HTTP/1.1" 404 82489 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
91.92.252.166 - - [26/Feb/2024:00:36:03 +0100] "GET /wp-login.php?action=register HTTP/1.1" 404 61498 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
show less
Web App Attack
๐ฉ๐ช
bsoft.de
2024-02-25 17:19:00
(2 years ago)
91.92.252.166 - - [25/Feb/2024:16:59:12 +0100] "GET /wp-login.php?action=register HTTP/1.1" 404 6149 ...
show more
91.92.252.166 - - [25/Feb/2024:16:59:12 +0100] "GET /wp-login.php?action=register HTTP/1.1" 404 61498 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
91.92.252.166 - - [25/Feb/2024:17:03:14 +0100] "GET /wp-login.php HTTP/1.1" 404 61463 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
91.92.252.166 - - [25/Feb/2024:18:18:58 +0100] "GET /wp-login.php?action=register HTTP/1.1" 404 61498 "-" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"
show less
Web App Attack
๐บ๐ธ
mawan
2024-02-25 05:47:13
(2 years ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ณ๐ฑ
mawan
2024-02-23 19:23:50
(2 years ago)
Suspected of having performed illicit activity on AMS server.
Web App Attack
๐ฉ๐ช
dwmp
2024-02-23 10:20:37
(2 years ago)
[Fri Feb 23 08:43:00.197506 2024] [authz_core:error] [pid 498920:tid 140451797526272] [client 91.92. ...
show more
[Fri Feb 23 08:43:00.197506 2024] [authz_core:error] [pid 498920:tid 140451797526272] [client 91.92.252.166:51020] AH01630: client denied by server configuration: /var/www/vhosts/solutionhub-telefonia-digitalizzazione.it/httpdocs/wp-content/uploads/style.php
[Fri Feb 23 10:17:21.013609 2024] [authz_core:error] [pid 498867:tid 140451663308544] [client 91.92.252.166:59887] AH01630: client denied by server configuration: /var/www/vhosts/kratosenergia.it/httpdocs/wp-content/uploads/style.php
[Fri Feb 23 10:44:48.517173 2024] [authz_core:error] [pid 498920:tid 140451269048064] [client 91.92.252.166:49346] AH01630: client denied by server configuration: /var/www/vhosts/xforming.it/httpdocs/wp-content/uploads/style.php
[Fri Feb 23 10:49:19.881637 2024] [authz_core:error] [pid 498920:tid 140451369694976] [client 91.92.252.166:55951] AH01630: client denied by server configuration: /var/www/vhosts/green-agent.it/httpdocs/wp-content/uploads/style.php
[Fri Feb 23 11:20:36.241721 2024] [authz_core:
...
show less
Brute-Force
๐จ๐ฟ
plzenskypruvodce.cz
2024-02-23 05:50:30
(2 years ago)
[Fri Feb 23 06:50:06.661848 2024] [authz_core:error] [pid 421726:tid 140045545576192] [client 91.92. ...
show more
[Fri Feb 23 06:50:06.661848 2024] [authz_core:error] [pid 421726:tid 140045545576192] [client 91.92.252.166:49924] AH01630: client denied by server configuration: /var/www/opusarium.cz/www/wp-includes/style.php
[Fri Feb 23 06:50:29.157054 2024] [authz_core:error] [pid 421726:tid 140045637895936] [client 91.92.252.166:59587] AH01630: client denied by server configuration: /var/www/opusarium.cz/www/wp-content/uploads/style.php
...
show less
Web App Attack
๐ฉ๐ช
psauxit
2024-02-23 01:53:18
(2 years ago)
Fail2Ban - NGINX heavily bad-bot, possible vulnerability scanning and excessive crawling/scraping
Web Spam
Hacking
Bad Web Bot
Web App Attack
๐ณ๐ฑ
mawan
2024-02-22 17:04:53
(2 years ago)
Suspected of having performed illicit activity on AMS server.
Web App Attack
๐ฉ๐ช
psauxit
2024-02-22 00:34:54
(2 years ago)
Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrp ...
show more
Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrpc_attack, wp-login brute force, excessive crawling/scraping
show less
Hacking
Web App Attack
๐ฉ๐ช
dwmp
2024-02-21 18:13:48
(2 years ago)
[Wed Feb 21 14:48:54.723875 2024] [authz_core:error] [pid 3768124:tid 140451252262656] [client 91.92 ...
show more
[Wed Feb 21 14:48:54.723875 2024] [authz_core:error] [pid 3768124:tid 140451252262656] [client 91.92.252.166:54216] AH01630: client denied by server configuration: /var/www/vhosts/kratosenergia.it/httpdocs/wp-admin/css/colors/ectoplasm/load-styles.php
[Wed Feb 21 17:41:37.510362 2024] [authz_core:error] [pid 3768071:tid 140451885291264] [client 91.92.252.166:59186] AH01630: client denied by server configuration: /var/www/vhosts/xforming.it/httpdocs/wp-admin/css/colors/ectoplasm/load-styles.php
[Wed Feb 21 17:43:35.807342 2024] [authz_core:error] [pid 3768124:tid 140451269048064] [client 91.92.252.166:61381] AH01630: client denied by server configuration: /var/www/vhosts/green-agent.it/httpdocs/wp-admin/css/colors/ectoplasm/load-styles.php
[Wed Feb 21 18:52:18.770710 2024] [authz_core:error] [pid 4108279:tid 140450975434496] [client 91.92.252.166:62420] AH01630: client denied by server configuration: /var/www/vhosts/fmc-controllo-utilities.it/httpdocs/wp-admin/css/colors/ectoplasm/load-
...
show less
Brute-Force
๐ฆ๐บ
ozisp.com.au
2024-02-21 07:28:13
(2 years ago)
BG_MNT-NETERRA_<33>1708500491 [1:2400006:3899] ET DROP Spamhaus DROP Listed Traffic Inbound group 7 ...
show more
BG_MNT-NETERRA_<33>1708500491 [1:2400006:3899] ET DROP Spamhaus DROP Listed Traffic Inbound group 7 [Classification: Misc Attack] [Priority: 2] {TCP} 91.92.252.166:63177
show less
Hacking
๐ฉ๐ช
psauxit
2024-02-20 17:36:10
(2 years ago)
Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrp ...
show more
Fail2Ban - NGINX bad requests 400-401-403-404-444, high level vulnerability scanning, commonly xmlrpc_attack, wp-login brute force, excessive crawling/scraping
show less
Hacking
Web App Attack