Savvii
2024-12-01 23:01:18
(23 hours ago)
15 attempts against mh-modsecurity-ban on drop
Brute-Force
Web App Attack
niceshops.com
2024-12-01 00:57:55
(1 day ago)
Large amount of http-requests in short time ([30/Nov/2024:22:33:41.648] )
Bad Web Bot
Anonymous
2024-11-30 17:16:04
(2 days ago)
4.227.36.123 - - [30/Nov/2024:14:16:00 -0300] "GET /wp-admin/setup-config.php?step=1"?step=1&quo ... show more 4.227.36.123 - - [30/Nov/2024:14:16:00 -0300] "GET /wp-admin/setup-config.php?step=1"?step=1" HTTP/1.1" 404 56 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.2; +https://openai.com/gptbot)"
... show less
Web App Attack
rtbh.com.tr
2024-11-27 20:53:04
(5 days ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
Savvii
2024-11-27 19:50:36
(5 days ago)
15 attempts against mh-modsecurity-ban on drop
Brute-Force
Web App Attack
cmbplf
2024-11-27 13:59:24
(5 days ago)
28.918 requests from abuseipdb.com blacklisted IP (1yr11mos2w)
Brute-Force
Bad Web Bot
rtbh.com.tr
2024-11-26 20:53:05
(6 days ago)
list.rtbh.com.tr report: tcp/0
Brute-Force
TPI-Abuse
2024-11-26 05:57:31
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 4.227.36.123 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 4.227.36.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 26 00:57:26.096861 2024] [security2:error] [pid 1438824:tid 1438824] [client 4.227.36.123:50412] [client 4.227.36.123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||christineaholtz.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "christineaholtz.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Z0VjRo3SOJ-VzLPfVxX-pQAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
ghostwarriors
2024-11-26 01:50:04
(6 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
ksol-hostmaster
2024-11-26 01:38:22
(6 days ago)
2024/11/26 02:38:21 [error] 94270#850602: *4069471 limiting requests, excess: 0.814 by zone "crawler ... show more 2024/11/26 02:38:21 [error] 94270#850602: *4069471 limiting requests, excess: 0.814 by zone "crawler", client: 4.227.36.123, server: crxforum.ksol.io, request: "GET /showTopic.php?topicId=324&seed=67451fd65222f HTTP/2.0", host: "crxforum.ksol.io"
... show less
Bad Web Bot
taivas.nl
2024-11-25 05:32:10
(1 week ago)
Bad_requests
Bad Web Bot
Swiptly
2024-11-23 11:07:06
(1 week ago)
Aggressive SEO Bots
...
Bad Web Bot
TPI-Abuse
2024-11-22 22:03:41
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 4.227.36.123 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 4.227.36.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 22 17:03:36.237642 2024] [security2:error] [pid 6268:tid 6268] [client 4.227.36.123:39326] [client 4.227.36.123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.monogay.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.monogay.org"] [uri "/wp-json/wp/v2/users/1"] [unique_id "Z0D_uMWPgVgQjypkhNRBmQAAABI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-21 11:47:06
(1 week ago)
(mod_security) mod_security (id:225170) triggered by 4.227.36.123 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 4.227.36.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 21 06:47:00.601265 2024] [security2:error] [pid 16059:tid 16059] [client 4.227.36.123:35468] [client 4.227.36.123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||guldunyayayinlari.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "guldunyayayinlari.com"] [uri "/wp-json/wp/v2/users/2"] [unique_id "Zz8dtFGhZCJgD-vwVrdgpwAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Charles
2024-11-21 02:50:59
(1 week ago)
4.227.36.123 - - [21/Nov/2024:10:50:57 +0800] "GET /eng/p2videos.html HTTP/1.1" 200 5036 "-" "Mozill ... show more 4.227.36.123 - - [21/Nov/2024:10:50:57 +0800] "GET /eng/p2videos.html HTTP/1.1" 200 5036 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.2; +https://openai.com/gptbot)"
... show less
Web Spam
Email Spam
Brute-Force
Bad Web Bot
Web App Attack
SSH