|
Anonymous
|
|
[Drupal AbuseIPDB module] Request path is blacklisted. /wp-admin/js/widgets/xmrlpc.php
|
Web App Attack
|
|
|
๐ฉ๐ช
Ba-Yu
|
|
WordPress hacking/exploits/scanning
|
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
|
|
|
๐ฌ๐ง
Spidrweb.co.uk
|
|
Brute-Force WordPress attack (85.155)
|
Web App Attack
|
|
|
๐ง๐ช
cmbplf
|
|
275 requests with url.path */.well-known/pki-validation/*.php
|
Brute-Force
Bad Web Bot
|
|
|
๐ณ๐ฑ
Savvii
|
|
20 attempts against mh-misbehave-ban on ec102948
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฉ๐ฐ
tscomputer
|
|
WP Attack
|
DDoS Attack
Web Spam
Brute-Force
Web App Attack
|
|
|
๐น๐ท
zumbo.net
|
|
CMS/PHP/SQL vulnerabilities/excessive crawling
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ง๐ช
taivas.nl
|
|
Site scraper
|
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240000) triggered by 52.177.184.12 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240000) triggered by 52.177.184.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 09 10:36:52.364811 2025] [security2:error] [pid 30183:tid 30183] [client 52.177.184.12:1435] [client 52.177.184.12] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||proprocessor.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "proprocessor.com"] [uri "/images/stories/admin-post.php"] [unique_id "Z_aGBA8GItiH-7-c8hsZ4AAAAAM"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ซ๐ท
dynamix
|
|
Multiple WAF Violations
|
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240000) triggered by 52.177.184.12 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240000) triggered by 52.177.184.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 09 08:59:23.039416 2025] [security2:error] [pid 1931998:tid 1931998] [client 52.177.184.12:14473] [client 52.177.184.12] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||warpedweed.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "warpedweed.com"] [uri "/images/stories/admin-post.php"] [unique_id "Z_ZvK--n98vEsNrHM2V-dAAAAA0"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240000) triggered by 52.177.184.12 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240000) triggered by 52.177.184.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 09 08:29:49.991390 2025] [security2:error] [pid 2227027:tid 2227027] [client 52.177.184.12:6856] [client 52.177.184.12] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||purrple.ink|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "purrple.ink"] [uri "/images/stories/admin-post.php"] [unique_id "Z_ZoPU9fQpUp_0ZSaWSxZQAAACA"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240000) triggered by 52.177.184.12 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240000) triggered by 52.177.184.12 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 09 08:11:52.016251 2025] [security2:error] [pid 18263:tid 18263] [client 52.177.184.12:4957] [client 52.177.184.12] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||hillsboroughcountyresident.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "hillsboroughcountyresident.com"] [uri "/images/stories/admin-post.php"] [unique_id "Z_ZkCH5p08dliKQIkZzjcAAAAA0"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|