๐ธ๐ฐ
GOVCERT
2026-02-02 17:29:27
(5 months ago)
Brute Force Detected
Brute-Force
Web App Attack
Anonymous
2026-02-02 09:23:55
(5 months ago)
(mod_security) mod_security triggered on hostname [redacted])
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-02-01 11:46:31
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 45.11.89.19 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 45.11.89.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 06:46:26.573212 2026] [security2:error] [pid 12922:tid 12922] [client 45.11.89.19:64149] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.school.digitalsolutions.help|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.school.digitalsolutions.help"] [uri "/wp-json/wp/v2/users"] [unique_id "aX89EtESRriimyV1_efboQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ฐ
GOVCERT
2026-02-01 09:37:26
(5 months ago)
Brute Force Detected
Brute-Force
Web App Attack
Anonymous
2026-01-31 10:16:02
(5 months ago)
Bot / scanning and/or hacking attempts: POST /wp-login.php HTTP/1.1, GET /wp-json/wp/v2/users?per_pa ...
show more
Bot / scanning and/or hacking attempts: POST /wp-login.php HTTP/1.1, GET /wp-json/wp/v2/users?per_page=100&page=1 HTTP/1.1, POST /wp-json/lp/v1/admin/tools/list-tables-indexs HTTP/1.1, POST /wp-json/lp/v1/admin/tools/create-indexs HTTP/1.1
show less
Hacking
Web App Attack
Anonymous
2026-01-16 13:34:32
(6 months ago)
"Malicius Bot Scanner"
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-07 13:11:17
(6 months ago)
(mod_security) mod_security (id:225170) triggered by 45.11.89.19 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 45.11.89.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 07 08:11:11.595517 2026] [security2:error] [pid 27521:tid 27521] [client 45.11.89.19:65204] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||doctorhouse.ch|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "doctorhouse.ch"] [uri "/wp-json/wp/v2/users"] [unique_id "aV5bbwQF6cslGgOX2oZmEQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2025-12-26 14:50:11
(6 months ago)
Possible breaking attempt to Plesk
Web App Attack
๐ฑ๐ป
garmtech.com
2025-12-25 00:33:01
(6 months ago)
Possible breaking attempt to Plesk
Web App Attack
๐ซ๐ท
Dorian GRANDHAY
2025-12-22 06:28:01
(6 months ago)
(cpanel) Failed cPanel login from 45.11.89.19 (US/United States/-): 5 in the last 3600 secs; Ports: ...
show more
(cpanel) Failed cPanel login from 45.11.89.19 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CPANEL; Logs: [2025-12-22 06:37:07 +0100] info [cpaneld] 45.11.89.19 - tcmotors "POST /login/ HTTP/1.1" FAILED LOGIN cpaneld: invalid cpanel user tcmotors (has_cpuser_file failed)
[2025-12-22 07:00:17 +0100] info [cpaneld] 45.11.89.19 - Contact "POST /login/ HTTP/1.1" FAILED LOGIN cpaneld: invalid cpanel user Contact (has_cpuser_file failed)
[2025-12-22 07:27:48 +0100] info [cpaneld] 45.11.89.19 - mineweb "POST /login/ HTTP/1.1" FAILED LOGIN cpaneld: invalid cpanel user mineweb (has_cpuser_file failed)
[2025-12-22 07:27:58 +0100] info [cpaneld] 45.11.89.19 - index "POST /login/ HTTP/1.1" FAILED LOGIN cpaneld: invalid cpanel user index (has_cpuser_file failed)
[2025-12-22 07:27:58 +0100] info [cpaneld] 45.11.89.19 - ozgofr "POST /login/ HTTP/1.1" FAILED LOGIN cpaneld: access denied for root, reseller, and user password
show less
Port Scan
๐ฑ๐ป
garmtech.com
2025-12-21 17:48:44
(6 months ago)
Possible breaking attempt to Plesk
Web App Attack
๐ฎ๐น
VHosting
2025-12-20 21:25:09
(6 months ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ซ๐ท
jigas
2025-12-20 18:54:03
(6 months ago)
Rule : PLESK BOT
2025-12-20 20:53:34 Unauthorized login attempt to Plesk Panel from IP 45.11.89.19 w ...
show more
Rule : PLESK BOT
2025-12-20 20:53:34 Unauthorized login attempt to Plesk Panel from IP 45.11.89.19 with username Administrator
show less
Hacking
Brute-Force
Web App Attack
๐ซ๐ท
Dorian GRANDHAY
2025-12-20 08:58:40
(6 months ago)
(cpanel) Failed cPanel login from 45.11.89.19 (US/United States/-): 5 in the last 3600 secs; Ports: ...
show more
(cpanel) Failed cPanel login from 45.11.89.19 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CPANEL; Logs: [2025-12-20 09:58:36 +0100] info [cpaneld] 45.11.89.19 - waurumne "POST /login/ HTTP/1.1" FAILED LOGIN cpaneld: invalid cpanel user waurumne (has_cpuser_file failed)
[2025-12-20 09:58:36 +0100] info [cpaneld] 45.11.89.19 - paul.brutel "POST /login/ HTTP/1.1" FAILED LOGIN cpaneld: invalid cpanel user paul.brutel (has_cpuser_file failed)
[2025-12-20 09:58:36 +0100] info [cpaneld] 45.11.89.19 - invitation "POST /login/ HTTP/1.1" FAILED LOGIN cpaneld: invalid cpanel user invitation (has_cpuser_file failed)
[2025-12-20 09:58:36 +0100] info [cpaneld] 45.11.89.19 - dotcore "POST /login/ HTTP/1.1" FAILED LOGIN cpaneld: invalid cpanel user dotcore (has_cpuser_file failed)
[2025-12-20 09:58:36 +0100] info [cpaneld] 45.11.89.19 - ekayl "POST /login/ HTTP/1.1" FAILED LOGIN cpaneld: invalid cpanel user ekayl (has_cpuser_file failed)
show less
Port Scan
๐ฒ๐พ
syokadmin
2025-12-20 06:12:44
(6 months ago)
(cpanel) Failed cPanel login from 45.11.89.19 (US/United States/-): 1 in the last 3600 secs
Brute-Force
Web App Attack