๐ช๐ธ
pipeline.es
2026-07-11 21:59:33
(9 hours ago)
SQL injection against web application | Evidence: WARNING: SQL Injection Fecha: 11-07-2026 23:58:09 ...
show more
SQL injection against web application | Evidence: WARNING: SQL Injection Fecha: 11-07-2026 23:58:09 IP: 45.88.13.187 Cadena: [pattern: '/\bselect\b.{0,80}\bfrom\b/i', field: 'accion', val: 'loginand/**/(select/**/8985/**/from(select/**/count(*),concat('~',(select/**/(elt(8985=8985,1))),'~',floor(rand(0)*2))x/**/from/**/information_schema.plugins/**/group/**/by/**/x)a)-- -'] Contexto: {\"method\":\"POST\",\"host\":\"fafetravel.pt\",\"uri\":\"\/onl | ASN: Fast Servers (Pty) Ltd | Country: AE
show less
SQL Injection
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-16 00:07:50
(1 month ago)
(mod_security) mod_security (id:211030) triggered by 45.88.13.187 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:211030) triggered by 45.88.13.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 20:07:45.152294 2026] [security2:error] [pid 17607:tid 17607] [client 45.88.13.187:10675] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at ARGS. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "17"] [id "211030"] [rev "3"] [msg "COMODO WAF: LDAP Injection Attack||www.genesis-castle.com|F|2"] [data "Matched Data: (%'%~%'%|%|%( found within ARGS: 0"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.genesis-castle.com"] [uri "/gallery/index.php"] [unique_id "age1UYFOopRCbLFunR61RAAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
octageeks.com
2026-05-11 04:06:38
(2 months ago)
Wordpress malicious attack:[octaxmlrpc]
Web App Attack
๐ฉ๐ช
LRob
2026-05-03 18:15:06
(2 months ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-26 10:33:58
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 45.88.13.187 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 45.88.13.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 26 06:33:51.573305 2026] [security2:error] [pid 16039:tid 16039] [client 45.88.13.187:35507] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||zaril.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "zaril.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acULj1W0EiUEyVqke2EbiwAAAAs"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-15 02:28:45
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 45.88.13.187 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 45.88.13.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 14 22:28:40.376965 2026] [security2:error] [pid 32687:tid 32687] [client 45.88.13.187:45471] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||geceindia.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "geceindia.com"] [uri "/wp-json/wp/v2/users"] [unique_id "abYZWJfCyQ2du4cCEXGeCAAAABU"], referer: https://www.google.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-22 10:54:04
(5 months ago)
(mod_security) mod_security (id:225170) triggered by 45.88.13.187 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 45.88.13.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 05:54:00.870425 2026] [security2:error] [pid 1329:tid 1329] [client 45.88.13.187:25263] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||pearlhomesfw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pearlhomesfw.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXIByB_2cEbrfZgBAAIUpwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฟ
lp
2025-07-02 13:52:31
(1 year ago)
Unauthorized VPN login attempts: 1 attempts were recorded from 45.88.13.187
2025-07-02T15:06:09+02:0 ...
show more
Unauthorized VPN login attempts: 1 attempts were recorded from 45.88.13.187
2025-07-02T15:06:09+02:00 vpn Access-Reject 'j.parker' station: 45.88.13.187 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack
๐จ๐ฟ
lp
2025-06-30 03:24:11
(1 year ago)
Unauthorized VPN login attempts: 1 attempts were recorded from 45.88.13.187
2025-06-30T04:05:16+02:0 ...
show more
Unauthorized VPN login attempts: 1 attempts were recorded from 45.88.13.187
2025-06-30T04:05:16+02:00 vpn Access-Reject 'mejia' station: 45.88.13.187 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-03-27 18:56:33
(1 year ago)
(mod_security) mod_security (id:211120) triggered by 45.88.13.187 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:211120) triggered by 45.88.13.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 27 14:56:29.625431 2025] [security2:error] [pid 20619:tid 20619] [client 45.88.13.187:56917] [client 45.88.13.187] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "12"] [msg "COMODO WAF: Remote File Inclusion Attack||blublk.com|F|2"] [data "Matched Data: http://adguard.digital/payload/index.php? found within REQUEST_FILENAME: /wp-content/plugins/wp-super-cache/js/cache-loader.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blublk.com"] [uri "/wp-content/plugins/wp-super-cache/js/cache-loader.php"] [unique_id "Z-WfXVBqFCiF_OMUGMHikwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-03-24 09:53:07
(1 year ago)
(mod_security) mod_security (id:211120) triggered by 45.88.13.187 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:211120) triggered by 45.88.13.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 24 05:53:01.512511 2025] [security2:error] [pid 3620029:tid 3620029] [client 45.88.13.187:29017] [client 45.88.13.187] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "12"] [msg "COMODO WAF: Remote File Inclusion Attack||beirutbazar.com|F|2"] [data "Matched Data: http://adguard.digital/payload/index.php? found within REQUEST_FILENAME: /wp-content/plugins/w3-total-cache/lib/w3/pager.class.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "beirutbazar.com"] [uri "/wp-content/plugins/w3-total-cache/lib/W3/Pager.class.php"] [unique_id "Z-ErfcQQv4zpkYUvA4MLNwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
oncord
2025-03-03 11:21:46
(1 year ago)
Form spam
Web Spam
๐บ๐ธ
TPI-Abuse
2025-02-28 10:29:58
(1 year ago)
(mod_security) mod_security (id:211120) triggered by 45.88.13.187 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:211120) triggered by 45.88.13.187 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 28 05:29:50.640838 2025] [security2:error] [pid 2674011:tid 2674011] [client 45.88.13.187:59053] [client 45.88.13.187] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "12"] [msg "COMODO WAF: Remote File Inclusion Attack||www.passy.us|F|2"] [data "Matched Data: http://adguard.digital/payload/index.php? found within REQUEST_FILENAME: /wp-content/plugins/canto/includes/lib/download.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.passy.us"] [uri "/wp-content/plugins/canto/includes/lib/download.php"] [unique_id "Z8GQHszNzefzzQ3AKFMDfgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-02-26 19:17:39
(1 year ago)
wordpress-trap
Web App Attack
๐จ๐ฟ
lp
2025-02-15 23:49:49
(1 year ago)
Unauthorized VPN login attempts: 1 attempts were recorded from 45.88.13.187
2025-02-16T00:30:45+01:0 ...
show more
Unauthorized VPN login attempts: 1 attempts were recorded from 45.88.13.187
2025-02-16T00:30:45+01:00 vpn Access-Reject 'carlen' station: 45.88.13.187 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>'
show less
Brute-Force
Web App Attack