๐ธ๐ช
webbfabriken
2023-11-21 20:36:44
(2 years ago)
spam or other hacking activities reported by webbfabriken security servers
Attack reported by Webbf ...
show more
spam or other hacking activities reported by webbfabriken security servers
Attack reported by Webbfabiken Security API - WFSecAPI
show less
Web Spam
๐ฉ๐ช
iNetWorker
2023-11-17 09:28:40
(2 years ago)
trolling for resource vulnerabilities
Web App Attack
Anonymous
2023-11-16 05:15:39
(2 years ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐ฉ๐ช
ut-addicted.com
2023-11-16 03:58:12
(2 years ago)
\[Thu Nov 16 04:58:11.272823 2023\] \[:error\] \[pid 27083:tid 140108468500224\] \[client 92.221.105 ...
show more
\[Thu Nov 16 04:58:11.272823 2023\] \[:error\] \[pid 27083:tid 140108468500224\] \[client 92.221.105.169:56214\] \[client 92.221.105.169\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 5\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "crx.it"\] \[uri "/wp-config.php_bk"\] \[unique_id "ZVWTU8DwWORKj53TXhKMtwAAANY"\]
show less
Brute-Force
Web App Attack
๐ฉ๐ช
MarkGGN
2023-11-16 01:31:28
(2 years ago)
Webexploits. 92.221.105.169 - - [16/Nov/2023:02:31:26 +0100] "GET //wp-config.php__olds HTTP/1.1" 30 ...
show more
Webexploits. 92.221.105.169 - - [16/Nov/2023:02:31:26 +0100] "GET //wp-config.php__olds HTTP/1.1" 301 5 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
92.221.105.169 - - [16/Nov/2023:02:31:27 +0100] "GET /wp-config.php__olds HTTP/1.1" 404 6597 "https://*//wp-config.php__olds" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
MAGIC
2023-11-15 10:03:58
(2 years ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ฉ๐ฐ
gladsaxen.dk
2023-11-15 09:38:41
(2 years ago)
GET //wp-config.php.uk HTTP/1.1
Brute-Force
Web App Attack
Anonymous
2023-11-15 05:15:50
(2 years ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐บ๐ธ
mawan
2023-11-14 22:17:27
(2 years ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
Anonymous
2023-11-14 16:00:07
(2 years ago)
IP has triggered Cloudflare WAF
Bad Web Bot
Anonymous
2023-11-14 05:15:31
(2 years ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐ฉ๐ช
ut-addicted.com
2023-11-14 03:37:01
(2 years ago)
\[Tue Nov 14 04:36:59.378097 2023\] \[:error\] \[pid 25118:tid 140587663578880\] \[client 92.221.105 ...
show more
\[Tue Nov 14 04:36:59.378097 2023\] \[:error\] \[pid 25118:tid 140587663578880\] \[client 92.221.105.169:36122\] \[client 92.221.105.169\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 5\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "crx.it"\] \[uri "/wp-config.php.ini"\] \[unique_id "ZVLrW6JAgpV8dgl1lvfA4AAAAM0"\]
show less
Brute-Force
Web App Attack
๐ฉ๐ช
ut-addicted.com
2023-11-14 00:22:15
(2 years ago)
\[Tue Nov 14 01:22:13.805908 2023\] \[:error\] \[pid 15008:tid 139873728014080\] \[client 92.221.105 ...
show more
\[Tue Nov 14 01:22:13.805908 2023\] \[:error\] \[pid 15008:tid 139873728014080\] \[client 92.221.105.169:44384\] \[client 92.221.105.169\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 5\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "crx.it"\] \[uri "/wp-config.php.gz"\] \[unique_id "ZVK9tRz57P3yhBus5m8SdgAAAM4"\]
show less
Brute-Force
Web App Attack
๐ฎ๐ฉ
Burayot
2023-11-13 08:50:54
(2 years ago)
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 92.221.105.169 (NO/Norway/169.92-221 ...
show more
LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 92.221.105.169 (NO/Norway/169.92-221-105.customer.lyse.net): 2 in the last 3600 secs
show less
Web App Attack
๐ฉ๐ช
ut-addicted.com
2023-11-13 08:13:44
(2 years ago)
\[Mon Nov 13 09:13:42.788244 2023\] \[:error\] \[pid 15008:tid 139873790953216\] \[client 92.221.105 ...
show more
\[Mon Nov 13 09:13:42.788244 2023\] \[:error\] \[pid 15008:tid 139873790953216\] \[client 92.221.105.169:53174\] \[client 92.221.105.169\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 5\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "crx.it"\] \[uri "/wp-config.php.backup.txt"\] \[unique_id "ZVHathz57P3yhBus5m-rkAAAAMg"\]
show less
Brute-Force
Web App Attack