TPI-Abuse
2024-08-08 13:35:28
(1 month ago)
(mod_security) mod_security (id:234930) triggered by 185.106.93.69 (debonair-design_n3.aeza.network) ... show more (mod_security) mod_security (id:234930) triggered by 185.106.93.69 (debonair-design_n3.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 09:35:22.226560 2024] [security2:error] [pid 5768:tid 5777] [client 185.106.93.69:48060] [client 185.106.93.69] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)||www.killasgarage.bike|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "www.killasgarage.bike"] [uri "/uncategorized/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "ZrTJmkK3vXWiFcQMU0QZbwAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-08 13:03:37
(1 month ago)
(mod_security) mod_security (id:234930) triggered by 185.106.93.69 (debonair-design_n3.aeza.network) ... show more (mod_security) mod_security (id:234930) triggered by 185.106.93.69 (debonair-design_n3.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 09:03:34.173692 2024] [security2:error] [pid 1024586:tid 1024586] [client 185.106.93.69:46748] [client 185.106.93.69] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)||meganmurph.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "meganmurph.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "ZrTCJt51iUdTRwwLBLPLUwAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-08 12:26:55
(1 month ago)
(mod_security) mod_security (id:234930) triggered by 185.106.93.69 (debonair-design_n3.aeza.network) ... show more (mod_security) mod_security (id:234930) triggered by 185.106.93.69 (debonair-design_n3.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 08:26:51.440966 2024] [security2:error] [pid 27621:tid 27621] [client 185.106.93.69:37606] [client 185.106.93.69] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6787"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)||www.bickleton.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "www.bickleton.org"] [uri "/driving-directions/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "ZrS5i-XgVX4ftohZFGpmGQAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
pusathosting.com
2024-08-08 11:40:04
(1 month ago)
2ds22 bruteforce
Brute-Force
Web App Attack
TPI-Abuse
2024-08-08 11:32:44
(1 month ago)
(mod_security) mod_security (id:234930) triggered by 185.106.93.69 (debonair-design_n3.aeza.network) ... show more (mod_security) mod_security (id:234930) triggered by 185.106.93.69 (debonair-design_n3.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 07:32:38.617448 2024] [security2:error] [pid 19114:tid 19181] [client 185.106.93.69:40076] [client 185.106.93.69] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)||pref-realestate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "pref-realestate.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "ZrSs1s6tL5RWHxnRkwXaAAAAABU"] show less
Brute-Force
Bad Web Bot
Web App Attack
VHosting
2024-08-08 11:07:23
(1 month ago)
Attempt from 185.106.93.69, reason: FailedCaptchaVerify
DDoS Attack
Bad Web Bot
bigscoots.com
2024-08-08 10:27:23
(1 month ago)
(PERMBLOCK) 185.106.93.69 (RU/Russia/debonair-design_n3.aeza.network) has had more than 4 temp block ... show more (PERMBLOCK) 185.106.93.69 (RU/Russia/debonair-design_n3.aeza.network) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: 1; Trigger: LF_PERMBLOCK_COUNT; Logs: show less
Brute-Force
SSH
TPI-Abuse
2024-08-08 10:26:49
(1 month ago)
(mod_security) mod_security (id:234930) triggered by 185.106.93.69 (debonair-design_n3.aeza.network) ... show more (mod_security) mod_security (id:234930) triggered by 185.106.93.69 (debonair-design_n3.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 06:26:43.640589 2024] [security2:error] [pid 24173:tid 24173] [client 185.106.93.69:41442] [client 185.106.93.69] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)||www.ideaofauniversity.website|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "www.ideaofauniversity.website"] [uri "/the-author/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "ZrSdY8GTL3alsQK7WuthowAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
bigscoots.com
2024-08-08 09:41:28
(1 month ago)
(PERMBLOCK) 185.106.93.69 (TR/Turkey/debonair-design_n3.aeza.network) has had more than 4 temp block ... show more (PERMBLOCK) 185.106.93.69 (TR/Turkey/debonair-design_n3.aeza.network) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: 1; Trigger: LF_PERMBLOCK_COUNT; Logs: show less
Brute-Force
SSH
TPI-Abuse
2024-08-08 06:27:27
(1 month ago)
(mod_security) mod_security (id:234930) triggered by 185.106.93.69 (debonair-design_n3.aeza.network) ... show more (mod_security) mod_security (id:234930) triggered by 185.106.93.69 (debonair-design_n3.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 02:27:23.662285 2024] [security2:error] [pid 27608:tid 27608] [client 185.106.93.69:40344] [client 185.106.93.69] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6778"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)||www.arkafeart.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "www.arkafeart.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "ZrRlSwLRFjBXoYghziu7WgAAACk"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-08-08 05:27:00
(1 month ago)
-
Web App Attack
TPI-Abuse
2024-08-08 05:09:45
(1 month ago)
(mod_security) mod_security (id:234930) triggered by 185.106.93.69 (debonair-design_n3.aeza.network) ... show more (mod_security) mod_security (id:234930) triggered by 185.106.93.69 (debonair-design_n3.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 01:09:40.235440 2024] [security2:error] [pid 10446:tid 10446] [client 185.106.93.69:48712] [client 185.106.93.69] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\/lib\\\\/php\\\\/connector\\\\.minimal\\\\.php$" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/27_Apps_WPPlugin.conf"] [line "6787"] [id "234930"] [rev "2"] [msg "COMODO WAF: File upload vulnerability in the file manager plugin before 6.9 for WordPress (CVE-2020-25213)||newcitypark.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WPPlugin"] [hostname "newcitypark.com"] [uri "/wp-content/plugins/wp-file-manager/lib/php/connector.minimal.php"] [unique_id "ZrRTFOum7T6CPa7k8DoyiQAAAAk"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-08 04:37:56
(1 month ago)
(mod_security) mod_security (id:240000) triggered by 185.106.93.69 (debonair-design_n3.aeza.network) ... show more (mod_security) mod_security (id:240000) triggered by 185.106.93.69 (debonair-design_n3.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 00:37:50.513545 2024] [security2:error] [pid 12952:tid 12952] [client 185.106.93.69:59258] [client 185.106.93.69] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||acmax.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "acmax.com"] [uri "/home/images/stories/evil.php"] [unique_id "ZrRLnswJJWzqlKpPPBf6VgAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-08 03:59:06
(1 month ago)
(mod_security) mod_security (id:225170) triggered by 185.106.93.69 (debonair-design_n3.aeza.network) ... show more (mod_security) mod_security (id:225170) triggered by 185.106.93.69 (debonair-design_n3.aeza.network): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 07 23:59:02.056214 2024] [security2:error] [pid 19446:tid 19446] [client 185.106.93.69:45698] [client 185.106.93.69] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.ncrcs.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.ncrcs.org"] [uri "/wp-json/wp/v2/users/1"] [unique_id "ZrRChoaAbpPUzYl_nc-LVwAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
Cloudkul Cloudkul
2024-08-08 03:48:04
(1 month ago)
Multiple unauthorized attempts to access web resources
Brute-Force
Web App Attack