TPI-Abuse
2024-11-10 01:13:56
(2 months ago)
(mod_security) mod_security (id:240950) triggered by 45.63.84.234 (45.63.84.234.vultrusercontent.com ... show more (mod_security) mod_security (id:240950) triggered by 45.63.84.234 (45.63.84.234.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 20:13:52.514140 2024] [security2:error] [pid 13199:tid 13199] [client 45.63.84.234:50086] [client 45.63.84.234] ModSecurity: Access denied with code 403 (phase 1). Pattern match "\\\\D" at TX:1. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "4530"] [id "240950"] [rev "2"] [msg "COMODO WAF: XSS & SQL injection vulnerability in Pragyan CMS 3.0 (CVE-2015-1471)||cpanel.aethena.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cpanel.aethena.org"] [uri "/_users/org.couchdb.user:poc"] [unique_id "ZzAI0KTMzSZRBXfBCDHo1wAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-10 00:37:59
(2 months ago)
(mod_security) mod_security (id:240950) triggered by 45.63.84.234 (45.63.84.234.vultrusercontent.com ... show more (mod_security) mod_security (id:240950) triggered by 45.63.84.234 (45.63.84.234.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 19:37:54.224561 2024] [security2:error] [pid 22572:tid 22631] [client 45.63.84.234:38356] [client 45.63.84.234] ModSecurity: Access denied with code 403 (phase 1). Pattern match "\\\\D" at TX:1. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "4530"] [id "240950"] [rev "2"] [msg "COMODO WAF: XSS & SQL injection vulnerability in Pragyan CMS 3.0 (CVE-2015-1471)||cpanel.adprosfla.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cpanel.adprosfla.com"] [uri "/_users/org.couchdb.user:poc"] [unique_id "ZzAAYkoYJchdKJ8h03N7MgAAAEM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-09 22:11:46
(2 months ago)
(mod_security) mod_security (id:240950) triggered by 45.63.84.234 (45.63.84.234.vultrusercontent.com ... show more (mod_security) mod_security (id:240950) triggered by 45.63.84.234 (45.63.84.234.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 17:11:38.959878 2024] [security2:error] [pid 5404:tid 5412] [client 45.63.84.234:36456] [client 45.63.84.234] ModSecurity: Access denied with code 403 (phase 1). Pattern match "\\\\D" at TX:1. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "4530"] [id "240950"] [rev "2"] [msg "COMODO WAF: XSS & SQL injection vulnerability in Pragyan CMS 3.0 (CVE-2015-1471)||cpanel.aaenroll.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cpanel.aaenroll.com"] [uri "/_users/org.couchdb.user:poc"] [unique_id "Zy_eGhgdvC_tVm5pnguhdQAAAIU"] show less
Brute-Force
Bad Web Bot
Web App Attack
Burayot
2024-11-09 21:22:21
(2 months ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 45.63.84.234 (US/United States/45.6 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 45.63.84.234 (US/United States/45.63.84.234.vultrusercontent.com): 1 in the last 3600 secs show less
Web App Attack
TPI-Abuse
2024-11-09 20:42:53
(2 months ago)
(mod_security) mod_security (id:240950) triggered by 45.63.84.234 (45.63.84.234.vultrusercontent.com ... show more (mod_security) mod_security (id:240950) triggered by 45.63.84.234 (45.63.84.234.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 15:42:49.460835 2024] [security2:error] [pid 32553:tid 32553] [client 45.63.84.234:59074] [client 45.63.84.234] ModSecurity: Access denied with code 403 (phase 1). Pattern match "\\\\D" at TX:1. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "4530"] [id "240950"] [rev "2"] [msg "COMODO WAF: XSS & SQL injection vulnerability in Pragyan CMS 3.0 (CVE-2015-1471)||cpanel.30daysout.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cpanel.30daysout.com"] [uri "/_users/org.couchdb.user:poc"] [unique_id "Zy_JSTJ--WIWyrrw0_LYuAAAACI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-09 18:51:19
(2 months ago)
(mod_security) mod_security (id:240950) triggered by 45.63.84.234 (45.63.84.234.vultrusercontent.com ... show more (mod_security) mod_security (id:240950) triggered by 45.63.84.234 (45.63.84.234.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 13:51:12.635448 2024] [security2:error] [pid 18174:tid 18174] [client 45.63.84.234:41402] [client 45.63.84.234] ModSecurity: Access denied with code 403 (phase 1). Pattern match "\\\\D" at TX:1. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "4530"] [id "240950"] [rev "2"] [msg "COMODO WAF: XSS & SQL injection vulnerability in Pragyan CMS 3.0 (CVE-2015-1471)||cpanel.fynebutts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cpanel.fynebutts.com"] [uri "/_users/org.couchdb.user:poc"] [unique_id "Zy-vIMxbkQwx0l0OZ340IwAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
Rizzy
2024-11-09 16:02:55
(2 months ago)
Multiple WAF Violations
Brute-Force
Web App Attack
TPI-Abuse
2024-11-09 15:39:50
(2 months ago)
(mod_security) mod_security (id:240950) triggered by 45.63.84.234 (45.63.84.234.vultrusercontent.com ... show more (mod_security) mod_security (id:240950) triggered by 45.63.84.234 (45.63.84.234.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 10:39:43.501173 2024] [security2:error] [pid 15462:tid 15572] [client 45.63.84.234:41386] [client 45.63.84.234] ModSecurity: Access denied with code 403 (phase 1). Pattern match "\\\\D" at TX:1. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "4530"] [id "240950"] [rev "2"] [msg "COMODO WAF: XSS & SQL injection vulnerability in Pragyan CMS 3.0 (CVE-2015-1471)||cpanel.flipkimmel.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cpanel.flipkimmel.com"] [uri "/_users/org.couchdb.user:poc"] [unique_id "Zy-CP0dnVbHwsPrnMgLWNQAAANE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-09 15:09:46
(2 months ago)
(mod_security) mod_security (id:240950) triggered by 45.63.84.234 (45.63.84.234.vultrusercontent.com ... show more (mod_security) mod_security (id:240950) triggered by 45.63.84.234 (45.63.84.234.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 10:09:41.323970 2024] [security2:error] [pid 24161:tid 24161] [client 45.63.84.234:51760] [client 45.63.84.234] ModSecurity: Access denied with code 403 (phase 1). Pattern match "\\\\D" at TX:1. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "4530"] [id "240950"] [rev "2"] [msg "COMODO WAF: XSS & SQL injection vulnerability in Pragyan CMS 3.0 (CVE-2015-1471)||cpanel.fishing-links.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cpanel.fishing-links.com"] [uri "/_users/org.couchdb.user:poc"] [unique_id "Zy97NamIHCOFFNTgc6EdWgAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-09 13:35:45
(2 months ago)
(mod_security) mod_security (id:240950) triggered by 45.63.84.234 (45.63.84.234.vultrusercontent.com ... show more (mod_security) mod_security (id:240950) triggered by 45.63.84.234 (45.63.84.234.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 08:35:41.589385 2024] [security2:error] [pid 14349:tid 14349] [client 45.63.84.234:58940] [client 45.63.84.234] ModSecurity: Access denied with code 403 (phase 1). Pattern match "\\\\D" at TX:1. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "4530"] [id "240950"] [rev "2"] [msg "COMODO WAF: XSS & SQL injection vulnerability in Pragyan CMS 3.0 (CVE-2015-1471)||cpanel.rddeckerphotography.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cpanel.rddeckerphotography.com"] [uri "/_users/org.couchdb.user:poc"] [unique_id "Zy9lLU5WWazj4LhJ6ZWyIgAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-09 13:18:53
(2 months ago)
(mod_security) mod_security (id:240950) triggered by 45.63.84.234 (45.63.84.234.vultrusercontent.com ... show more (mod_security) mod_security (id:240950) triggered by 45.63.84.234 (45.63.84.234.vultrusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 08:18:51.247170 2024] [security2:error] [pid 3716500:tid 3716500] [client 45.63.84.234:56200] [client 45.63.84.234] ModSecurity: Access denied with code 403 (phase 1). Pattern match "\\\\D" at TX:1. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "4539"] [id "240950"] [rev "1"] [msg "COMODO WAF: XSS & SQL injection vulnerability in Pragyan CMS 3.0 (CVE-2015-1471)||cpanel.raynernet.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cpanel.raynernet.com"] [uri "/_users/org.couchdb.user:poc"] [unique_id "Zy9hOx2eEldH1_JIJGzLgAAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack