Directory Harvest

My ebook shows up at http://66.199.228.237/boundary/Sexual_Addiction/Understanding%20Cross%20Addiction.pdf in the number one spot on google. I have this ebook for sale elsewhere. It disappeared from...

this website is copying my content and not honoring my copyright. They are using my content and selling to other website, as though it is their original material....

This ip address has placed orders with fake name, address and telephone numbers on several occasions during the past 3 months. Each time the order is cancelled at the payment gateway...

Aug 13, 2012 Subscription Creation To OPPapers.com Aug 13, 2012 Payment To FastSpring Sep 8, 2012 Subscription Creation To OPPapers.com Sep 14, 2012 Subscription Cancellation To OPPapers.com Oct 17, 2...

The ip is trying to access out comapny via FTP open end. The IP has DOS denial of access attacks on the front end of our website....

A total of 1 possible successful probes were detected (the following URLs contain strings that match one or more of a listing of strings that indicate a possible exploit): /?-d%20allow_url_include%3...

A total of 1 possible successful probes were detected (the following URLs contain strings that match one or more of a listing of strings that indicate a possible exploit): /?-d%20allow_url_include%3...

First Time on Fiverr BLAST in Backlinks Market, Yes Its 52 links From Blog Commenting, All Do Follow , All Approved, All Manually Submit, All Good Comments on Blogs, All On Actual Page, We Send Comple...

IP address 58.241.40.74 has been attempting to gain remote access to a server that is located in USA. This IP address is not authorised to access this server....

A User from this IP is attempting to gain access to our mail server performing login guessing attacks until now unsuccesfully. Please take note of this offender....

A User from this IP is attempting to gain access to our mail server performing login guessing attacks until now unsuccesfully. Please take note of this offender....

A User from this IP is attempting to gain access to our mail server performing directory harvest attacks until now unsuccesfully. Please take note of this offender....

A User from this IP is attempting to gain access to our mail server performing directory harvest attacks until now unsuccesfully. Please take note of this offender....

A User from this IP is attempting to gain access to our mail server performing directory harvest attacks until now unsuccesfully. Please take note of this offender....

=-=-=-=-=-=-= Sep 26 16:18:15 localhost suhosin[19014]: ALERT - tried to register forbidden variable \'_SESSION[!bla]\' through GET variables (attacker \'59.152.193.27\', file \'/usr/share/phpmyadmin/...

A User from this IP is attempting to gain access to our mail server performing directory harvest attacks until now unsuccesfully. Please take note of this offender....

A User from this IP is attempting to gain access to our mail server performing directory harvest attacks until now unsuccesfully. Please take note of this offender....

A User from this IP is attempting to gain access to our mail server performing directory harvest attacks until now unsuccesfully. Please take note of this offender....

A User from this IP is attempting to gain access to our mail server performing directory harvest attacks until now unsuccesfully. Please take note of this offender....

A User from this IP is attempting to gain access to our mail server performing programmed directory harvest attacks until now unsuccesfully. Please take note of this offender....

A User from this IP is attempting to gain access to our mail server performing directory harvest attacks until now unsuccesfully. Please take note of this offender....

A user from this address 93.114.45.160 has performed sporadic login attempts using common email adresses in a clear attempt to gain access to our server....

The user on this IP, 211.235.228.43, is performing directory harvest attacks using dictionary based login attempts on our mail server. Please be wary of this IP...

A user from this IP address in Dallas, US, has performed several attempts to hack email accounts using dictionary harvest attack on our mail server....

****Hot****selling fresh cvv, dumps,bin,Wu trsfer,tracks 1&2 with pin etc........ Sell Cvv + Transfer WU + Bank Login + Dumsp + Paypal .... IF YOU NEED, CONTACT ME BY Yahoo : mayback.money Mai...

Dear sir, can i know who is the person using this ip address its just a personal enquiry.please please help me for this any phone numbers, address anything...

Sending email labeled as being from my email address to people in my address book. Email they are sending has a link to an unknown site. I don\'t know if it is malicious http://t.co/kPM9zwm1 ...

****Hot****selling fresh cvv, dumps,bin,Wu trsfer,tracks 1&2 with pin etc........ Sell Cvv + Transfer WU + Bank Login + Dumsp + Paypal .... IF YOU NEED, CONTACT ME BY Yahoo : mayback.money Mai...

****Hot****selling fresh cvv, dumps,bin,Wu trsfer,tracks 1&2 with pin etc........ Sell Cvv + Transfer WU + Bank Login + Dumsp + Paypal .... IF YOU NEED, CONTACT ME BY Yahoo : mayback.money Mai...

The e-mail addresses and the alias names in my Yahoo! account were gathered. My contacts received e-mails with a \"from\" name similatr to mine, but if you click on it, noreply@iqelite.com ...

IP address 211.71.192.80 hs been attempting to gain remote access to a server that is located within New Zealand. This IP address does not have the authority to access the server....

The issue----(read all below) Note: I apologize if this message is not translated correctly. Does the Russian federation own picktorrent.eu? - I did forget that eu did stand for Russian. Sorry, I did...

Remote access was attempted from IP address 122.183.88.186 into a server located within New Zealand. This IP address does not have the authority to access this server....

Dear Travelers, A cordial Namaste from the Welcome Nepal Trekking Agency!! We cordially welcome to Welcome Nepal Treks and Tours Pvt. Ltd. We would like to introduce Nepal Trekking Company /Nepal Trek...

IP address 186.212.67.243 has been attempting to gain access to a server located within NZ remotely. This IP address has no authority to access this server....

This ip is trying to access a large number of directories that do not exist on our server, and is causing many 404 errors and consuming server resources....

WordPress Firewall has detected and blocked a potential attack! Web Page: xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx Warning: URL may contain dangerous content! Offending IP: 95.211.58.114 [ Get IP locati...

IP address 189.105.162.89 has been attempting to gain remote access to a server that is located within NZ. This IP address has no authority to access this server....

IP address 90.188.52.201 has been attempting to gain remote access to a server that is located within NZ. This IP address has no authority to access this server....

IF YOU NEED, CONTACT ME BY Yahoo : mayback.money Mail : mayback.money@yahoo.com CHAT WITH ME FOR FURTHER INFORMATION ------------- do WU Transfer ------------- Transfer : US,UK,CA,AU,EU,France,Ge...

IF YOU NEED, CONTACT ME BY Yahoo : mayback.money Mail : mayback.money@yahoo.com CHAT WITH ME FOR FURTHER INFORMATION ------------- do WU Transfer ------------- Transfer : US,UK,CA,AU,EU,France,Ge...

appears to be a directory harvestor on a brand new site. 435 hits in two minutes on brand new site with extensive image database...

This is the third occasion that against the terms of our site this IP address has been used to harvest data from our services directory. We have received suspicious and high volume of requests direct...

constantly on the website, viewing pages. Not sure what business it has returning to the website so often. Very strange behavior from IP that should have no interest in the content of the site....

To many 401 error searches. Seem looking for infected plugins to exploit. The attack is happening almost everyday but the systems blocks it. Wold be nice to block complete this IP....

IP address 189.72.227.98 has been attempting to remotely access a server located within New Zealand. This IP address has no authority to access this server....

IP address 58.241.40.74 has been attempting to gain remote access to a server that is located in New Zealand. This IP address is not authorised to access this server....

IP address 94.242.208.9 has been attempting to access a server remotely which this IP address has no authority to access hence why the IP address is being reported...

unknown user from ip 120.39.183.250 tried to access phpmyadmin directory. no way... unknown user from ip 120.39.183.250 tried to access phpmyadmin directory. no way... unknown user from ip 120.39.183....

numerous attempts to find database admin panel by scanning for directories. numerous attempts to find database admin panel by scanning for directories. minimum 25 words you know...

189.160.37.40 dyn.prod-infinitum.com.mx tried to access my account please look into this and do what ever you can to stop them it does not make feel that I want a gmail account and may end up cancel...

IP address 80.152.242.141 has been attempting to remotely access a server in New Zealand. This IP address does not have the authority to access this server...

IP address 41.0.38.221 is been attempting to gain access to a server within New Zealand. This IP address does not have the authority to access this server....

IP address 92.110.142.48 has been trying to gain remote access into a server that is located within New Zealand. This IP address is not authorised to access this server....

IP address 95.110.142.48 has been trying to gain remote access to a server that is located within New Zealand. This IP address does not have authority to try and gain remote access....

X-Apparently-To: udcoats@yahoo.co.in via 106.10.149.61; Tue, 22 May 2012 00:13:21 +0000 Return-Path: <capt.moham.edelhweij35@msn.com> X-YahooFilteredBulk: 65.55.111.166 Received-SPF: ...

Looking in the current fashion trends, sunglasses are an essential aspect of almost everyone\'s existence. <a href=\"http://www.cheapoakleysunglasseshut.org/\"><strong>Oakley Sun...

<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\"> <HTML><HEAD> <META content=\"text/html; charset=gb2312\" http-equiv=Content-Type> <META ...

Ignores robots.txt and tries to spider entire site. Makes multiple connections spaced over a few days to try to avoid being spotted as a bot....

May 04 20:11:12 CMSBlogs01 beatrizquiroz-access.log: 200.111.103.68 - - [04/May/2012:22:11:12 -0500] \"GET /phpMyAdmin-2.6.0-rc2/scripts/setup.php HTTP/1.1\" 404 3184 \"-\" \"...

seems to be harvesting the directory at worldnet.att.com. Not yet sure how it is doing so, but it seems to be relaying through my local MTA (Groupwise). ...

IP address 203.206.184.173 which appears to be based in Australia has been trying to access a server remotely which they have no authority to do so....

hello how are you my name is andaline i will like to be your friend please contact me at on my email( andaline_baby2@yahoo.co.uk) for me to tell you more about me OK andaline_baby2@yahoo.co.uk...

The attack keep server on out network. we keep seeing this in our logs. we block them for now 4/28/2012 11:54:09 PM Suspicious network attack Intrusion.Generic.WebApp.DirTravers.exploit 220.181.108.7...

Type: IPv4 Subnet Mask IP: 169.254.54.93 Mask: 255.255.0.0 Sends various packets to this address -- takes over the PC for lengthy periods of time. Uses Microsoft Search to index all contents of d...

The IP address 208.2.174.38 has made over 600 attempts at acessing a server they have no legal reason and/or authority to access in New Zealand...

Scumbag is probing for domain weaknesses. Router log reads - TCP: domain connection attempt from 64.94.88.20:2194 TCP: domain connection attempt from 64.94.88.20:9966 last message repeated 2 times...

This URL contains my email address (s_t_e_v_e_f@yahoo.com) which can easily be spam harvested doing google searches. Could you please remove or change my address so that it is not visible? http://www...

okkokih j jhknmuiytfughjk kjfdyxcvbhjn jkhfjdsxjckhuijko jklfdtrsuudfgij hgkgh kjjcf jfkdlj skjdfslfj skfjs kljkslfj klsjf ksljf skfj lsjfk s lksfj lskfj slfkjksjfk skfj klsfj skjfsk lfsj klfjsklfj ...

Site 208.87.32.71 attempted a directory harvest on a virtual \'honeypot\' front end that I employ just to keep animals like these out of my system. They are annoying and possibly destructive if valid ...

87.180.209.148 has been multiple attempts of gaining access to a server locateed within New Zealand which they have no authority to access remotely or locally....

The remote source of 81.198.118.120 has attemped to gain remote access to one of the sites we administer 14605 times in the last 24 hours....

The remote source of 83.168.15.4 has attemped to gain remote access to one of the sites we administer 1335 times in the last 24 hours....

When runing a tracert never can see this happening however when running wireshark and do a tracert to any URL you see this ip plus a few other: this is the last one on the list 189.240.86.68 but the i...

this ip just tried to make my pc connect to this ip, but my antivirus blocked it, and i have no relationship whatoever with the seychelles!...

Hello Everybody, My name is Mrs. Monica Roland. I live in UK London and i am a happy woman today? and i told my self that any lender that rescue my family from our poor situation, i will refer any pe...

A virus was downloaded into my PC, causing me to be redirected to 63.209. 69.107 every time I perform a search on any search engine ...

http://www.storeblackhawks.com/31-martin-havlat-jersey Martin Havlat Jersey http://www.storeblackhawks.com/26-john-madden-jersey John Madden Jersey http://www.storeblackhawks.com/3...

person represents self as A employee of hotmail and attempts to gather full name, passwohd, and alt mail info. I am also turning this into local FCC....

Try to find translators.html, related to phpMyAdmin. Multiple tries (based on IP and domain name, different directories) Sub-Directories includes mysql, phpmyadmin, pma, admin and a combination of the...

Downloaded rootkit to computer through unknown sourse and it attached to sv.host file and it keeps attempting to send my information through a keygin to this IP ...

tried to call /plugins/ editors/ tinymce /jscripts /tiny_mce/ plugins /tinybrowser/ upload.php . . . . . . . . . . . . ...

This IP belongs to a company Credit Clear (Pty) Ltd. A similar company Hetzner (Pty) Ltd is their Internet Service Provider. A female person with an African accent regularly phones all of my family me...

<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\"> <HTML><HEAD> <META content=\"text/html; charset=gb2312\" http-equiv=Content-Type> <META ...

Have my webcam server set to alert me on connections, even though I\'m the only one with a l/p. Heard the noise, checked the logs. They downloaded the entire default gallery directory for today, (unso...

Something from this IP is scanning a Wordpress vulnerability in timthumb.php script, present in some old themes, which may allow automated remote upload to a Wordpress folder of anything you want. T...

Brand sport shoes like asics shoes,nike air max shoes became the most famous retailer in the European region even in the world,At the same time Moncler winter jackets sale developed more and more prod...

A total of 103 \"GET /setup.php\". On 30/Dec/2011:23:18:11. No UA was listed. I have have had at least 3 or 4 scans like this in the last year. I do not remember any before....

Wed Feb 08 07:41:36 2012] [error] [client 58.225.62.22] File does not exist: /var/www/html/index.php [Wed Feb 08 07:41:37 2012] [error] [client 58.225.62.22] File does not exist: /var/www/html/admin [...

64.22.106.82 Gigabot/3.0 (http://www.gigablast.com/spider.html) But apparently not in gigablasts network range 64.22.106.82 - - [05/Feb/2012:09:34:49 -0500] \"GET /calendar/ical/2011-04-21 HTTP...

[Fri Feb 03 12:38:54 2012] [error] [client 109.235.216.21] File does not exist: /home/path/to/Framework/dev/vhosts [Fri Feb 03 12:38:55 2012] [error] [client 109.235.216.21] File does not exist: /home...

Thought my httpd had been compromised, but since you have these results on Dec.19 \'11 as well I believe it was an error on the part of goog. These results in goog webmaster tools files not found. Hel...

Multiple attempts to scrape my web servers for ip.php, proxyheader.php. Attempts are surrounding attempts from very similar ip\'s in the same subnet; client: 58.218.199.147 - host: \"www.traveli...

Someone is using ZmEu, or whatever it is, coming from this IP address. It appears on my apache logs. Someone is trying to guess some known directory names like \'/pma\' or \'/mysql\'...

I\'ve received some tryings of intrusion into my webserver coming these IP addresses: 211.151.97.43 76.73.39.194 184.72.253.250 211.151.97.43 204.209.44.250 213.156.49.55 This address is on the list...

Our email account soporte@solucionweb.com and ventas@solucionweb.com is been 3 days under brute force dictionary spam attack and it is causing serious problems to our business. PLease block it Regar...

IP in Russia Federation making numberous attempts to gain access to Network. According to my Server Logs this IP address has hundreds, over last hour, of failed attempts to hack into our network usin...

This IP which located in London, United Kingdomis constantly trying to get into our network . This IP has made numberous attempts to gain access to my servers even though they never got in. ISA is blo...

w00tw00t.at.blackhats.romanian.anti-sec:) page not found 01/06/2012 - 16:53 MyAdmin/scripts/setup.php Anonymous warning page not found 01/06/2012 - 16:53 myadmin/scripts/setup.php Anonymous warning ...

WordPress Firewall has detected and blocked a potential attack! Web Page: ecuisine.sanspubs.com/index.php?option=com_simpledownload&controller=../../../../../../../../../../../../../../../proc/...

WordPress Firewall has detected and blocked a potential attack! Web Page: ecuisine.sanspubs.com/index.php?option=com_simpledownload&controller=../../../../../../../../../../../../../../../proc/...

I mellemtiden kan <a href=\"http://www.beatsbydrdredk.com\"><strong>Dre Beats</strong></a>giver 110db fleksibilitet til at vise de enkelte detaljer i Rock, Hip Hot og...

I have had numerous attacks from this ip address lately, I some times get hit up as much as 20 times a day from the ISP Network Operations Center, we need globle Internet Police that can that can take...

FUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFFFUCK OFF...

warning page not found 12/19/2011 - 17:39 Agora_PATH/mdweb/admin/inc/organisations/country_ins ... Anonymous warning page not found 12/19/2011 - 17:39 Agora_PATH/mdweb/admin/inc/organisations/form_or...

This is my server apache log : [Fri Dec 16 22:13:18 2011] [error] [client 58.218.199.147] File does not exist: /var/www/proxyheader.php I don\'t want this client to check my server...

I got a lot of annoying things from this IP : [Fri Dec 16 21:13:39 2011] [error] [client 217.33.64.203] File does not exist: /var/www/scgi-bin [Fri Dec 16 21:13:39 2011] [error] [client 217.33.64.203...

Continues issues with cns.chelmsfdrdc2.ma.boston.comcast.net showing in IIS where users are trying to look for directories on the file system. This has been happening for several weeks. By the way, Ca...

The IP 221.122.66.23 is running a bot trying to gain access to PHP, DB, sql, etc files on the server. The attempts are failing - but it is persistent....

hogan outlet exceptional organization! Wonderful seller and service!.Very quickly <H1><a href=\"http://www.outletscarpehoganshoessale.com/products_all.html\" title=\"hogan outl...

this number is sending emails from my address book which get returned by mailer deamon, it seems that it is generating emails aand sending them...

on 25 November at around 0100 hrs GMT a security plugin alerted aoubt 20 threats all from this IP on a Wordpress site all around the same time....

here is the log entry for the attempted connection to a software on my server which doesn\'t exist: [Wed Nov 23 15:34:34 2011] [error] [client 58.218.199.147] script \'/www/default/judge.php\' not fo...

Here\'s the log entry of the harvest: [Wed Nov 23 02:31:46 2011] [error] [client 212.97.152.14] File does not exist: /www/default/user some words to fill up for the requirements...

This IP 89.105.128.227 which is located in Krasnoyarsk Krasnoyarsk Russian Federation is constantly trying to get into our server and network every day. This IP has made several attempts to gain acc...

<p> One can choose to learn animation so that they can do it for fun while others learn it so that they can pursue it as a career. No matter how you want to apply it burberry scarf?<a href=\&...

Bachmann came to the debate prepared. <a href=\"http://www.cheapgriffeyshoesstore.net/\" title=\"Ken Griffey Shoes\"><strong>Ken Griffey Shoes</strong></a> ...

This IP attempted a hack on my website. He is attempting to gain access to admin files.This IP address should be banned and information on any hack attempts on your site should be sent to: abuse@vdswi...

This IP attempted an unsuccessful server access hack on company servers using a dictionary attack for over 8 hours from the administrative backend. This IP address has shown up in security logs on num...

Was seen visiting a certain directory in our cpanel. Blacklisted by the owner of cpanel as soon as this ip address had been found out.....

Business network in the Western US. Receiving scan attacks from this IP address. IP keeps on appearing in our server Security logs. Conveniently it is being blocked but I have no idea what these peopl...

Permanently harversting my server and trying to reach admin sector by using all kinds of call. It supouse they are sleeping when we are awaek... what is this guy... a vampire?...

this Ip addres is not opening..whats the problem.help it was opening yesterday but today it say Google chrome can\'t connect to this IP address.help please...

This should say enough: [Sun Oct 09 20:53:48 2011] [error] [client 58.218.199.250] script \'/var/www/proxyheader.php\' not found or unable to stat [Sun Oct 09 20:55:40 2011] [error] [client 58.218.19...

This IP is harvesting everything on your directory, all pages, all files. Including files meant to send them in a bot trap. This IP address must be blocked and sent immediately to a bot trap. This har...

Appears to be selectively harvesting,and also pinging.And [DOS attack: RST Scan] attack packets in last 20 sec. Intermittently cache snooping and consistent at all IP\'s...

This IP scanned my server for usual database-managers and so forth. Examples; [Sat Oct 01 20:52:02 2011] [error] [client 84.200.12.210] File does not exist: /var/www/php-myadmin Ban him for life i s...

Tried to harvest this file: /plugins/editors/tinymce/jscripts/tiny_mce/plugins/tinybrowser/upload.php Got an 404 on my part but people have to block this IP everywhere. Kick this IP goodbye in your ...

Unsucessfull attempts to access company server hundreds of times in a 2 hour period attempting to log in using a fake administrator account which failed then starting a full blown brute force dictiona...

Nike Dunk HeelsNike Dunk Heels Nike Dunk Heels Nike Dunk Heels Nike Dunk Heels Nike Dunk Heels Nike Heels Nike Heels For Women Dunk SB Heels ...

Some people have allergy-like [url=http://www.nikesbheels.com/][b]Nike Dunk Heels[/b][/url] reactions to hot or cold temperatures, sunlight, or other environmental [url=http://www.nikesbheels.com/][b]...

Some people have allergy-like <a href=\"http://www.nikesbheels.com/\" title=\"Nike Dunk Heels\"><strong>Nike Dunk Heels</strong></a>reactions to hot or cold...

Using dictionary attack, daily to attempt log in to company servers. Consistantly shows up in server log as failed attempt to log in using hundreds of names and passwords to gain access.Scanning all p...

This IP address is trying a dictionary password attack againt my Mailtraq email server. i.e using standard dictionary passwords to guess the username and password I don`t know why they try this as thi...

I am an IT consultant and this is the 3rd one today that has this same infection. This person contacted me from my profile on Match.com...

They are trying to find files which might damage the website, truthfully i don\'t mind either way because i\'m sure the website is safe however some people might have complains about this. ...

Bots keep coming from whole PSINet IP block of 38.0.0.0 - 38.255.255.255. User agent of \'Mozilla/5.0\' checks robots.txt, then some UA claiming to be safari, from the same IP, ignores the robots.txt ...

<!DOCTYPE HTML PUBLIC \"-//W3C//DTD HTML 4.0 Transitional//EN\"> <html> <head> <title>Search Results for \"How To Make Cracked Apps Update Through Itunes\"...

every time i click on a search link on google ect. it sends me to there with results that have nothing to do with what i am searching for HELP ME STOP THIS IP 63.209.69.107...

Log: [Wed Aug 03 13:00:01 2011] [error] [client 89.47.94.3] (20024)The given path is misformatted or contained invalid characters: Cannot map GET /w00tw00t.at.blackhats.romanian.anti-sec:) HTTP/1.1 t...

77.246.181.218 tries to access phpadmin error log snippet [Fri Jul 15 12:34:03 2011] [error] [client 77.246.181.218] File does not exist: C:/Program Files/Apache Software Foundation/Apache2.2/htdocs...

Using brute force dictonary attack to try and guess username and/or password to a domain server. Uses, golf, aloha, admin, POS, and other names to try and gain access. Attacks occur mostly in evenings...

45 h Anonymous 10 41.197.20.10 /store/install.txt Unknown 45 h Anonymous 11 41.197.20.10 /cart/install.txt Unknown 45 h Anonymous 12 41.197.20.10 /boutique/install.txt Unknown 45 h Ano...

http://hotelwilliamslake.com/cp/714/booty-clap.html booty clap, ypc, http://temple4.org/images/074/practice-test.html practice test, %OOO, http://trilogicllc.com/wp-admin/04/streaming-video.html str...

http://conecrusher.info/cp/99/ables-ammo.html ables ammo, rxiui, http://electriquescooter.info/wp-includes/330/sig-p239.html sig p239, kyrt, http://chriscoons.info/cgi-bin/333/tony-blair.html tony b...

http://ewingcable.com/logs/830/high-school-sex.html high school sex, 085523, http://devifoods.com/liveconcert/68/ugly-naked-women.html ugly naked women, 32567, http://secaph.com/cp/70/london-masters...

http://woods-paintball.com/images/74/casio-sales-tampa.html casio sales tampa, =-P, http://laboratorylattice.com/javascript/393/windows-installer-download.html windows installer download, zmssbf, ht...

http://specialneeds-therapyproducts.com/host-images/674/the-uncensored.html the uncensored, 8))), http://midwiveskansascity.com/cp/274/triwest-healthcare-alliance.html triwest healthcare alliance, 1...

http://softpros.in/ASPSecured/219/long-porn-vids.html long porn vids, 8-(((, http://internetbusinessblogs.info/cp/75/bejeweled-blitz-cheats.html bejeweled blitz cheats, >:-OO, http://blackdiamondgun...

http://lauripsp.com/cp/22/ohio-dnr.html ohio dnr, >:((, http://jrtutors.com/Do Not Open/14/prostate-cancer-symptoms.html prostate cancer symptoms, :-)), http://nailedpics.com/logo/48/sulfameth-trime...

http://6164nlodi.info/index_files/156/verizon-amphitheater.html verizon amphitheater, 9281, http://sealed-units.com/p7pm/60/baltimore-card-outlet.html baltimore card outlet, %-[[[, http://homescape3...

http://abbotsfordbcgym.com/images/34/ivytech-campus-connect.html ivytech campus connect, 33483, http://softspec.com/images/36/fuq-tube.html fuq tube, gotuw, http://nonliberalnews.com/cp/43/living-in...

http://wallythewombat.com/Hawaii/205/xnxx-lesbian.html xnxx lesbian, >:-DD, http://liontel.in/cp/857/hot-blonds.html hot blonds, =OO, http://only-story.com/cp/363/bull-snake.html bull snake, 627125...

http://emerge-corp.com/cab/649/free-gay-twink-videos.html free gay twink videos, xglnfv, http://subhaskar.com/old/11/randy-orton-nude.html randy orton nude, gkopx, http://spiritual-fusui.com/cp/486/...

port scanning and folder scanning to access folders on our domain...

207.171.3.154 /w00tw00t.at.blackhats.romanian.anti-sec:) Http Code: 404 Date: Sep 27 12:17:57 Http Version: HTTP/1.1 Size in Bytes: 233 Referer: - Agent: ZmEu /scripts/setup.php Http C...

Same as the first posts. Looking for serves scripts: ../phpMyAdmin-2.6.3/scripts/setup.php ../webadmin/scripts/setup.php ../webdb/scripts/setup.php ../mysql-admin/scripts/setup.php...

Appears to be scanning the web server for URLs that were posted on either usenet or facebook long ago. All the links are old and defunct but most are retried several times a day for many days....

Since end of July, this IP is regularly hitting my web server to request a php file on a remote server, probably to collect a directory of anonymous proxies. Here are log extracts: /var/log/apac...

Tried to probe Apache server but unsuccessful....

Massive scannning my directories to find some kind of sqladmin. Particulary looking for phpmyadmin...

this kinda crap found in my logs 07/27/2010 - 03:33 Page not found phpmy-admin/scripts/setup.php Anonymous...

Attempting to directory harvest Sendinf emails to non-existant email users....

The user tried top find vulnerable phpMyAdmin installation...

I found out just as it happened, SOME SOB hijacked MY IP. I am going to find the SOB and hang his MFA, if not i am going to ask for chine to be NUKED....

scanned for the following: GET /phpmyadmin/main.php GET /db/main.php HTTP/1.0 GET /PMA/main.php HTTP/1.0 GET /myadmin/main.php HTTP/1.0 GET /sqladmin/main.php GET /phpadmin/main.php HTTP/1.0...

82.165.130.74 - - [26/May/2010:05:53:52 +0100] "GET /roundcubemail/README HTTP/1.1" 403 222 82.165.130.74 - - [26/May/2010:05:53:52 +0100] "GET /rc/README HTTP/1.1" 403 211 82.165.130.74 - - [26/May...

==29000000============================== Request: localhost 80.154.35.144 - - [10/May/2010:10:43:31 +0300] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 342 "-" "-" - "-" ------------------------...

210.0.140.87 - - [08/Apr/2010:17:26:06 -0400] \\\"GET HTTP/1.1 HTTP/1.1\\\" 400 381 \\\"-\\\" \\\"Toata dragostea mea pentru diavola\\\" 210.0.140.87 - - [08/Apr/2010:17:26:07 -0400] \\\"GET /zen-car...

2010-04-02 04:36:07 GET /install.txt - - 75.75.254.96 HTTP/1.1 Toata+dragostea+mea+pentru+diavola - - 404 0 64 0 186 6357 2010-04-02 04:36:08 GET /cart/install.txt - - 75.75.254.96 HTTP/1.1 Toata+dra...

It's kind of hard to explain. He somehow found my e-mail address and sent a VERY bad e-mail to my entire address book. I had to apologize for it afterward. The message never appeared in my Sent fol...

http://www.google.com/search?q=CYVEILLANCE dirty wankers...

Probably an unwitting participant in a botnet - this type of attack is sometimes described as an SSH dictionary attack - and please note origin is US so it's not just the Chinese who are part of this....

Consistently scanning ports, definitely a bot or a farm of little yellow men behind computers. Retribution will be sweet...

Hit my web server looking for a proxy....

This guy hits my web server a couple a times a day trying to retrieve the same URL \\\\\\\"/fastenv\\\\\\\" which appears to be some kind of tool used along side proxies. So my guess is he is scannin...

Nxnsospsodmdmdkdkkdieirnfnxkxpapqpwnririrndmcmx...

Dhsjakbwjsjdjhjsjskabehqjvehdhxixnbdjkxjsjdbwkzncjsjsbdfsbgnetnsf exhafnsnegnegnbf qfbw.Megngagbrbdgevfsgsvf RCA d dvdbddjrkdvrrvd bentnrsjsvecdhe dbvdthtiehehdbdd vbrbrbjf RNA d rndhebshfsjr vc grbr....

euro ripe net route trace rtw.nl=ns1,dnsnode.nl 194.146.106.42 root service dynamic spam and reports havester ns1,vuurwerk.nl 62.250.2.2 records serial number 2005061008 refresh 2880 postmaster...

euro ripe net route trace rtw.nl=ns1,dnsnode.nl 194.146.106.42 server dynamic spam and reports havester ns1,vuurwerk.nl 62.250.2.2 look 62.250.4.138 records serial number 2005061008 refresh 2880 pos...

Rtw.nl=ns1,dnsnode.nl 194.146.106.42 server dynamic spam and reports havester ns1,vuurwerk.nl 62.250.2.2 look 62.250.4.138 records serial number 2005061008 refresh 2880 postmaster ...

Rtw.nl=ns1,dnsnode.nl 194.146.106.42 server dynamic spam and reports havester ns1,vuurwerk.nl 62.250.2.2 look 62.250.4.138 records...

This IP from china is using a downloader to harvest files....

your site keeps bouncing my report please contact bergmannrr at yahoo dot com for more information...

A bad robot hit /directory/ 2009-08-03 address is 69.79.44.13, agent is Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)...

Z|o|2009-07-28 05:09:09|o|217.133.53.120|o|dzial|o|http://www.plusnaweb.com.br/123.txt???|o|(/content.php) Z|o|2009-07-28 05:09:10|o|217.133.53.120|o|dzial|o|../../../../../../../../../../../proc/sel...

Wish I knew how to stop this......

Wish I knew how to stop this......

I've blocked the IP now....

Repeatedly tried to gain access to our network logging in as Administrator....