๐ซ๐ท
ELYAZ
2026-06-16 07:21:40
(2 weeks ago)
(wordpress) Failed wordpress login from 45.3.51.88 (US/United States/-): (CF_ENABLE)
Brute-Force
๐ง๐ท
SOC PR
2026-05-05 05:00:41
(1 month ago)
IPS: Sensitive Configuration File Disclosure.
Hacking
๐บ๐ธ
omc
2026-04-30 08:57:21
(2 months ago)
AH01797: Unauthorized file
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-04-28 11:41:59
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 45.3.51.88 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210730) triggered by 45.3.51.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 28 07:41:51.578451 2026] [security2:error] [pid 10208:tid 10208] [client 45.3.51.88:0] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ccamp.dev|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ccamp.dev"] [uri "/s3cmd.ini"] [unique_id "afCc_2Ne423vs_6wjnFOoQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-04-28 10:03:55
(2 months ago)
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 45.3.51.88 (US/United States/-): 1 in ...
show more
(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 45.3.51.88 (US/United States/-): 1 in the last 3600 secs (0-195)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-02-20 05:25:31
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 45.3.51.88 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:225170) triggered by 45.3.51.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 00:25:26.825132 2026] [security2:error] [pid 11594:tid 11594] [client 45.3.51.88:47013] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||cobbwebb.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cobbwebb.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aZfwRgcqzf5ZMzeAfCst3AAAABM"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-19 03:37:45
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 45.3.51.88 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 45.3.51.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:37:42.485226 2026] [security2:error] [pid 24614:tid 24614] [client 45.3.51.88:47733] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kidswow.com"] [uri "/new/.git/config"] [unique_id "aZaFhswdgteTgEbVtAynSAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
dbmwebdesign
2026-02-19 03:25:56
(4 months ago)
WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-19 03:01:31
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 45.3.51.88 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 45.3.51.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 22:01:27.820613 2026] [security2:error] [pid 3285:tid 3285] [client 45.3.51.88:46063] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kenmalone.com"] [uri "/test/.git/config"] [unique_id "aZZ9B43-7SxJNTtZJ4-_FwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-19 02:43:22
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 45.3.51.88 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 45.3.51.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 21:43:14.360573 2026] [security2:error] [pid 32709:tid 32709] [client 45.3.51.88:40847] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keepingitsharp.biz"] [uri "/wp/.git/config"] [unique_id "aZZ4wqs2WoGEAcFwlZsXDgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
myagent.site
2026-02-18 23:34:01
(4 months ago)
Blocking for trying to access an exploit file: /config/.env
Hacking
๐บ๐ธ
TPI-Abuse
2026-02-18 23:03:29
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 45.3.51.88 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 45.3.51.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 18:03:20.062013 2026] [security2:error] [pid 3099:tid 3099] [client 45.3.51.88:57965] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "veenstras.com"] [uri "/backend/.env"] [unique_id "aZZFOJ51jHtwcB25O1ddNgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-02-18 21:16:33
(4 months ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-18 18:34:18
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 45.3.51.88 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 45.3.51.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 13:34:09.372667 2026] [security2:error] [pid 17680:tid 17680] [client 45.3.51.88:62409] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thewhitedfamily.com"] [uri "/backup/.git/config"] [unique_id "aZYGIb39Ps82qh2GxE50jAAAACY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-18 17:02:46
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 45.3.51.88 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 45.3.51.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 12:02:38.661923 2026] [security2:error] [pid 14123:tid 14190] [client 45.3.51.88:25449] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "zechesfinancialservices.com"] [uri "/backend/.env"] [unique_id "aZXwrnkMz8EHxVRrXrykkQAAAQI"]
show less
Brute-Force
Bad Web Bot
Web App Attack