Bonjour,

Ce sont des comptes qui se sont fait compromettre (j’imagine que le couple login / mot de passe est disponible sur Internet).

Ce comptes ont été utilisés dans le passé de façon légitime. Par exemple le pseudo "Jean-Philippe" à posté 65 messages entre avril 2018 et décembre 2018 surtout concernant son abonnement Coriolis Telecom.
 

Le message de SPAM est pour les trois comptes piratés posté de l'IP 45.136.48.135.

Les 3 comptes compromis étant inactifs depuis au moins 4 ans, j'ai supprimé leur compte (comme il est compromis, il y a un risque de nouveaux messages de la part du pirate).

Les log Apache des 3 IP en filtrant pour n'avoir que les POST (envoie de données au serveur, pour s'authentifier ou poster un message) : C'est uniquement des connexions TLS 1.2, pas de TLS 1.3 alors que les navigateurs qu'ils disent utiliser dans le "user agent" gère le TLS 1.3.

Maintenant, on voit que le "user agent", c'est du bluff, il change plusieurs fois, Edge ou CHrome, Windows 8.1 ou Windows 10 et certains user-agent sont incorrects, il manque des choses.

Autre chose assez étonnante : C'est du HTTP/1.0 !
Qui utilise ça de nos jours ? Son successeur, HTTP/1.1 date de 1999.

Je m'attendais à voir plein de tentatives de connexions, mais ce n'est pas le cas.

10/Jan/2023:05:51:58 POST /login2/ HTTP/1.0" 5472 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.49"
10/Jan/2023:05:52:06 POST /ftth-la-fibre-optique-gpon-ou-p2p/?action=post2;start=0 HTTP/1.0" 5203 "https://lafibre.info/ftth-la-fibre-optique-gpon-ou-p2p/?action=post" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.49"
10/Jan/2023:09:43:54 POST /login2/ HTTP/1.0" 5472 "https://lafibre.info/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.86 Safari/537.36"
10/Jan/2023:09:44:03 POST /ftth-la-fibre-optique-gpon-ou-p2p/?action=post2;start=0 HTTP/1.0" 5209 "https://lafibre.info/ftth-la-fibre-optique-gpon-ou-p2p/?action=post" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.86 Safari/537.36"
10/Jan/2023:18:12:20 POST /login2/ HTTP/1.0" 5472 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Edg/90.0.818.39"
10/Jan/2023:18:13:13 POST /ftth-la-fibre-optique-gpon-ou-p2p/?action=post2;start=0 HTTP/1.0" 5209 "https://lafibre.info/ftth-la-fibre-optique-gpon-ou-p2p/?action=post" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Edg/90.0.818.39"
11/Jan/2023:14:25:31 POST /login2/ HTTP/1.0" 5472 "https://lafibre.info/login" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
11/Jan/2023:14:25:33 POST /profile/?area=account;u=25341;save HTTP/1.0" 14775 "https://lafibre.info/profile/?area=account" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
11/Jan/2023:15:03:12 POST /login2/ HTTP/1.0" 5472 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36"
11/Jan/2023:18:15:42 POST /login2/ HTTP/1.0" 5472 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46"
11/Jan/2023:18:15:43 POST /profile/?area=account;u=15774;save HTTP/1.0" 21062 "https://lafibre.info/profile/?area=account" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46"
11/Jan/2023:18:15:45 POST /ftth-la-fibre-optique-gpon-ou-p2p/?action=post2;start=0 HTTP/1.0" 5207 "https://lafibre.info/ftth-la-fibre-optique-gpon-ou-p2p/?action=post" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46"
11/Jan/2023:19:48:40 POST /login2/ HTTP/1.0" 13599 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.1; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
11/Jan/2023:20:52:09 POST /login2/ HTTP/1.0" 5472 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.49"
11/Jan/2023:20:52:10 POST /profile/?area=account;u=38206;save HTTP/1.0" 20948 "https://lafibre.info/profile/?area=account" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.49"
11/Jan/2023:21:38:30 POST /login2/ HTTP/1.0" 5472 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.1; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
11/Jan/2023:21:38:32 POST /ftth-la-fibre-optique-gpon-ou-p2p/?action=post2;start=0 HTTP/1.0" 5213 "https://lafibre.info/ftth-la-fibre-optique-gpon-ou-p2p/?action=post" "Mozilla/5.0 (Windows NT 6.1; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
12/Jan/2023:00:20:04 POST /register/ HTTP/1.0" 19209 "https://lafibre.info/register/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
12/Jan/2023:01:22:22 POST /login2/ HTTP/1.0" 5472 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
12/Jan/2023:01:22:24 POST /ftth-la-fibre-optique-gpon-ou-p2p/?action=post2;start=0 HTTP/1.0" 5213 "https://lafibre.info/ftth-la-fibre-optique-gpon-ou-p2p/?action=post" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
12/Jan/2023:01:40:03 POST /login2/ HTTP/1.0" 5472 "https://lafibre.info/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
12/Jan/2023:02:29:46 POST /login2/ HTTP/1.0" 5470 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Edg/90.0.818.39"
13/Jan/2023:02:36:30 POST /login2/ HTTP/1.0" 13355 "https://lafibre.info/login" "Mozilla/5.0 (Windows NT 6.1; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36"
13/Jan/2023:03:20:08 POST /login2/ HTTP/1.0" 13359 "https://lafibre.info/login" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36"
13/Jan/2023:08:09:53 POST /login2/ HTTP/1.0" 5472 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36"
13/Jan/2023:08:09:57 POST /ftth-la-fibre-optique-gpon-ou-p2p/?action=post2;start=0 HTTP/1.0" 5194 "https://lafibre.info/ftth-la-fibre-optique-gpon-ou-p2p/?action=post" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36"


Il y en a eu d'autres ce week-end qui était sur des comptes actifs.

Pour les comptes inactifs depuis plusieurs années, je supprime le compte.

Pour les comptes actifs les deux dernières années, je réinitialise le mot de passe. Il faut alors faire la procédure de mot de passe perdu.

10/01/2023 : 45.136.48.135 pseudo Jean-Philippe, Venin95 et un troisime dont je n'ai pas noté le pseudo
11/01/2023 : 5.61.55.218 pseudo pala14 et immoartaltiger
12/01/2023 : 5.61.55.218 pseudo titigenol
13/01/2023 : 37.220.87.25 pseudo pala14
15/01/2023 : 109.107.166.230 pseudo xPolo62, Empereur, padman et intikman
16/01/2023 : 109.107.166.230 pseudo nono87410, John02 et electrocaine

Log de l'IPv4 109.107.166.230, tous les transferts sont en TLS 1.2 et HTTP/1.0 :
14/Jan/2023:20:07:17 POST /login2/ HTTP/1.0" 200 13361 "https://lafibre.info/login" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
14/Jan/2023:21:02:36 POST /login2/ HTTP/1.0" 200 13359 "https://lafibre.info/login" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Edg/90.0.818.42"
14/Jan/2023:22:10:27 POST /login2/ HTTP/1.0" 200 13148 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36"
15/Jan/2023:00:34:12 POST /login2/ HTTP/1.0" 200 13363 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Edg/90.0.818.42"
15/Jan/2023:03:09:19 POST /login2/ HTTP/1.0" 302 5472 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46"
15/Jan/2023:03:09:20 POST /profile/?area=account;u=38206;save HTTP/1.0" 200 20951 "https://lafibre.info/profile/?area=account" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46"
15/Jan/2023:04:58:39 POST /login2/ HTTP/1.0" 200 13156 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4427.0 Safari/537.36"
15/Jan/2023:06:27:27 POST /activate/?sa=resend HTTP/1.0" 200 11564 "https://lafibre.info/activate/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
15/Jan/2023:06:36:44 POST /login2/ HTTP/1.0" 302 5472 "https://lafibre.info/login" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36"
15/Jan/2023:06:36:46 POST /profile/?area=account;u=34344;save HTTP/1.0" 200 21047 "https://lafibre.info/profile/?area=account" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36"
15/Jan/2023:06:36:48 POST /ftth-la-fibre-optique-gpon-ou-p2p/?action=post2;start=0 HTTP/1.0" 302 5200 "https://lafibre.info/ftth-la-fibre-optique-gpon-ou-p2p/?action=post" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36"
15/Jan/2023:07:42:08 POST /login2/ HTTP/1.0" 200 13147 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36"
15/Jan/2023:09:14:56 POST /login2/ HTTP/1.0" 302 5470 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
15/Jan/2023:09:14:58 POST /profile/?area=account;u=4363;save HTTP/1.0" 200 20924 "https://lafibre.info/profile/?area=account" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
15/Jan/2023:09:15:00 POST /ftth-la-fibre-optique-gpon-ou-p2p/?action=post2;start=0 HTTP/1.0" 302 5200 "https://lafibre.info/ftth-la-fibre-optique-gpon-ou-p2p/?action=post" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
15/Jan/2023:11:19:51 POST /login2/ HTTP/1.0" 302 5656 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Edg/90.0.818.42"
15/Jan/2023:11:19:53 POST /profile/?area=account;u=36643;save HTTP/1.0" 200 20935 "https://lafibre.info/profile/?area=account" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Edg/90.0.818.42"
15/Jan/2023:11:19:55 POST /ftth-la-fibre-optique-gpon-ou-p2p/?action=post2;start=0 HTTP/1.0" 302 5200 "https://lafibre.info/ftth-la-fibre-optique-gpon-ou-p2p/?action=post" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Edg/90.0.818.42"
15/Jan/2023:12:04:46 POST /login2/ HTTP/1.0" 200 13156 "https://lafibre.info/login" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.86 Safari/537.36"
15/Jan/2023:12:11:41 POST /login2/ HTTP/1.0" 302 5472 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36"
15/Jan/2023:12:11:43 POST /profile/?area=account;u=36643;save HTTP/1.0" 200 20932 "https://lafibre.info/profile/?area=account" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36"
15/Jan/2023:12:11:45 POST /ftth-la-fibre-optique-gpon-ou-p2p/?action=post2;start=0 HTTP/1.0" 302 5200 "https://lafibre.info/ftth-la-fibre-optique-gpon-ou-p2p/?action=post" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36"
15/Jan/2023:15:21:49 POST /login2/ HTTP/1.0" 200 13395 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36"
15/Jan/2023:15:23:57 POST /login2/ HTTP/1.0" 302 5472 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4400.8 Safari/537.36"
15/Jan/2023:15:23:59 POST /profile/?area=account;u=31408;save HTTP/1.0" 200 20947 "https://lafibre.info/profile/?area=account" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4400.8 Safari/537.36"
15/Jan/2023:15:24:01 POST /ftth-la-fibre-optique-gpon-ou-p2p/?action=post2;start=0 HTTP/1.0" 302 5200 "https://lafibre.info/ftth-la-fibre-optique-gpon-ou-p2p/?action=post" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4400.8 Safari/537.36"
15/Jan/2023:16:55:59 POST /login2/ HTTP/1.0" 302 5470 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36"
15/Jan/2023:16:56:01 POST /profile/?area=account;u=4363;save HTTP/1.0" 200 20921 "https://lafibre.info/profile/?area=account" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36"
15/Jan/2023:16:56:03 POST /ftth-la-fibre-optique-gpon-ou-p2p/?action=post2;start=0 HTTP/1.0" 302 5200 "https://lafibre.info/ftth-la-fibre-optique-gpon-ou-p2p/?action=post" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36"
15/Jan/2023:18:11:46 POST /login2/ HTTP/1.0" 302 5472 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.49"
15/Jan/2023:18:11:47 POST /profile/?area=account;u=32784;save HTTP/1.0" 200 20947 "https://lafibre.info/profile/?area=account" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.49"
15/Jan/2023:18:13:28 POST /login2/ HTTP/1.0" 200 13143 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36"
15/Jan/2023:18:18:18 POST /login2/ HTTP/1.0" 200 13160 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.49"
15/Jan/2023:20:17:08 POST /login2/ HTTP/1.0" 200 13157 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36"
15/Jan/2023:20:30:50 POST /login2/ HTTP/1.0" 200 13155 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46"
16/Jan/2023:08:33:27 POST /login2/ HTTP/1.0" 200 13383 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36"
16/Jan/2023:12:26:29 POST /login2/ HTTP/1.0" 200 13388 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36 Edg/90.0.818.42"
16/Jan/2023:12:31:34 POST /login2/ HTTP/1.0" 200 13161 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.49"
16/Jan/2023:12:37:07 POST /login2/ HTTP/1.0" 200 13159 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36"
16/Jan/2023:13:22:57 POST /login2/ HTTP/1.0" 302 5656 "https://lafibre.info/login/" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36"
16/Jan/2023:13:22:59 POST /profile/?area=account;u=22273;save HTTP/1.0" 200 21068 "https://lafibre.info/profile/?area=account" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36"
16/Jan/2023:13:23:01 POST /ftth-la-fibre-optique-gpon-ou-p2p/?action=post2;start=0 HTTP/1.0" 302 5200 "https://lafibre.info/ftth-la-fibre-optique-gpon-ou-p2p/?action=post" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.72 Safari/537.36"

La dernière, les autres c'est Hollande

C'est pas possible de bloquer le post depuis une IP étrangère quand l'inscription est FR ?

Changement d'avis : vu les nombreuses requêtes de 109.107.166.230 qui continue ce soir, j'ai bloqué au niveau du firewall les 4 IP.