πΊπΈ
TPI-Abuse
2024-09-28 21:44:51
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 45.131.195.85 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 45.131.195.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 28 17:44:46.018249 2024] [security2:error] [pid 2694932:tid 2694932] [client 45.131.195.85:29419] [client 45.131.195.85] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||wsffjatc.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wsffjatc.org"] [uri "/wp-json/wp/v2/users/"] [unique_id "Zvh4zhKoHqiEOPHCdKBbXAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2024-09-27 17:44:31
(1 year ago)
(mod_security) mod_security (id:240335) triggered by 45.131.195.85 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.131.195.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 27 13:44:25.303081 2024] [security2:error] [pid 22646:tid 22646] [client 45.131.195.85:35799] [client 45.131.195.85] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.131.195.85 (+1 hits since last alert)|secondskinagency.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "secondskinagency.com"] [uri "/xmlrpc.php"] [unique_id "Zvbu-Xz-0ETFuURypjyywgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2024-09-19 18:24:22
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 45.131.195.85 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 45.131.195.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 19 14:24:15.626715 2024] [security2:error] [pid 11547:tid 11547] [client 45.131.195.85:65195] [client 45.131.195.85] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.190"] [uri "/.env"] [unique_id "ZuxsT6Daairz2NReFM5eVAAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
2024-09-01 12:19:26
(1 year ago)
Excessive HTTP/HTTPS connections.
Bad Web Bot
π¦πΊ
MAGIC
2024-08-26 06:02:14
(1 year ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
π§π·
diego
2024-07-17 12:23:29
(1 year ago)
Events: TCP SYN Discovery or Flooding, Seen 3 times in the last 10800 seconds
DDoS Attack
π±πΊ
HoneyPotEU02
2024-07-02 08:06:09
(1 year ago)
wordpress-trap
Web App Attack
π³π±
Linuxmalwarehuntingnl
2024-07-02 07:08:42
(1 year ago)
Unauthorized connection attempt
Brute-Force
π±πΊ
HoneyPotEU02
2024-07-01 04:59:58
(1 year ago)
wordpress-trap
Web App Attack
πͺπΈ
10dencehispahard SL
2024-06-29 04:03:31
(1 year ago)
Unauthorized login attempts [ accesslogs]
Brute-Force
πΊπΈ
TPI-Abuse
2024-06-28 21:58:46
(1 year ago)
(mod_security) mod_security (id:210492) triggered by 45.131.195.85 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 45.131.195.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 28 17:58:42.762065 2024] [security2:error] [pid 6462] [client 45.131.195.85:27921] [client 45.131.195.85] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "estudiovarela.com"] [uri "/wp-content/plugins/wp-config.php"] [unique_id "Zn8yEhd5F8qzDCGCO0VgPQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π§π·
diego
2024-06-10 11:06:46
(1 year ago)
Events: TCP SYN Discovery or Flooding, Seen 3 times in the last 10800 seconds
DDoS Attack
π¦πΊ
MAGIC
2024-05-29 02:03:11
(2 years ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
πΊπΈ
TPI-Abuse
2024-05-26 21:51:38
(2 years ago)
(mod_security) mod_security (id:210492) triggered by 45.131.195.85 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 45.131.195.85 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 26 17:49:00.464994 2024] [security2:error] [pid 27251] [client 45.131.195.85:65337] [client 45.131.195.85] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.williamcline.com"] [uri "/wp-config.php.save.3"] [unique_id "ZlOuTFQmeGZ0mhRPeQwPagAAAEY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¦πΊ
MAGIC
2024-04-17 00:11:53
(2 years ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot