Inbound Anomaly Score Exceeded (Total Score: 5). Operator GE matched 5 at TX:anomaly_score. (949110- ...
show moreInbound Anomaly Score Exceeded (Total Score: 5). Operator GE matched 5 at TX:anomaly_score. (949110-122)
show less
[Fri Aug 22 07:56:52.046362 2025] [security2:error] [pid 559696:tid 139764270360256] [client 104.28. ...
show more[Fri Aug 22 07:56:52.046362 2025] [security2:error] [pid 559696:tid 139764270360256] [client 104.28.250.134:50264] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i),.*?[\\"'\\\\)0-9`-f][\\"'`](?:[\\"'`].*?[\\"'`]|(?:\\\\r?\\\\n)?\\\\z|[^\\"'`]+)|[^0-9A-Z_a-z]select.+[^0-9A-Z_a-z]*?from|(?:alter|(?:(?:cre|trunc|upd)at|renam)e|d(?:e(?:lete|sc)|rop)|(?:inser|selec)t|load)[\\\\s\\\\x0b]*?\\\\([\\\\s\\\\x0b]*?space[\\\\s\\\\x0b]*?\\\\(" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "2129"] [id "942200"] [msg "Detects MySQL comment-/space-obfuscated injections and backtick termination"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: , like Gecko) Version/4.0 Chrome/139.0.7258.94 Mobile Safari/537.36 OcIdWebView ({\\x22os\\x22:\\x22Android\\x22, found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 (Linux; Android 13; 2201117
...
show less
Hacking
Web App Attack
Anonymous
2025-08-16T21:02:02.775537+02:00 zanati wp(sahpa.co.za)[1858117]: Blocked authentication attempt for ...
show more2025-08-16T21:02:02.775537+02:00 zanati wp(sahpa.co.za)[1858117]: Blocked authentication attempt for LisaNcube from 104.28.250.134
...
show less
LF_CPANEL: (cpanel) Failed cPanel login from 104.28.250.134 (CH/Switzerland/-): 1 in the last 3600 s ...
show moreLF_CPANEL: (cpanel) Failed cPanel login from 104.28.250.134 (CH/Switzerland/-): 1 in the last 3600 secs
show less
Brute-Force
Showing 1 to
9
of 9 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ