๐ซ๐ท
dynamix
2025-07-28 00:37:31
(11 months ago)
Multiple WAF Violations
Web App Attack
๐ง๐ช
cmbplf
2025-07-26 07:21:15
(11 months ago)
282 requests with url.path *.alfa
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2025-07-25 11:50:13
(11 months ago)
(mod_security) mod_security (id:210492) triggered by 159.223.56.170 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 159.223.56.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 25 07:50:08.217138 2025] [security2:error] [pid 12659:tid 12680] [client 159.223.56.170:62218] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gaqa.org"] [uri "/wp-config.php"] [unique_id "aINvcHhTqrDhP8b9h-H7UQAAANE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
masterguru
2025-07-25 09:58:05
(11 months ago)
BAD BOT - Detected and Blocked.. Matched phrase "mozlila" at REQUEST_HEADERS:User-Agent. (1100000-12 ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "mozlila" at REQUEST_HEADERS:User-Agent. (1100000-124)
show less
Bad Web Bot
๐บ๐ธ
masterguru
2025-07-25 04:13:48
(11 months ago)
Too much 404 requests in 1 hour. Operator GE matched 50 at IP:block_script. (44020-124)
Hacking
๐บ๐ธ
TPI-Abuse
2025-07-24 21:20:39
(11 months ago)
(mod_security) mod_security (id:210492) triggered by 159.223.56.170 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 159.223.56.170 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 24 17:20:33.941549 2025] [security2:error] [pid 25758:tid 25758] [client 159.223.56.170:62785] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "galego.anxo.org"] [uri "/wp-config.php"] [unique_id "aIKjoc0Wnh1nr3T8CRn5SwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2025-07-23 06:25:35
(11 months ago)
477 requests with url.path *.alfa
Brute-Force
Bad Web Bot
๐ฉ๐ช
ps-center
2025-07-22 10:52:48
(11 months ago)
C1: Web Attack POST /wp-content/alfacgiapi/perl.alfa
Web Spam
Hacking
Bad Web Bot
Web App Attack
๐ฉ๐ช
ps-center
2025-07-21 02:06:38
(11 months ago)
C1: Web Attack GET /wp-admin/about.php
Web Spam
Hacking
Bad Web Bot
Web App Attack
Anonymous
2025-07-20 17:37:39
(11 months ago)
159.223.56.170 - - [20/Jul/2025:19:37:34 +0200] "GET /.well-known/alfacgiapi/perl.alfa HTTP/1.1" 404 ...
show more
159.223.56.170 - - [20/Jul/2025:19:37:34 +0200] "GET /.well-known/alfacgiapi/perl.alfa HTTP/1.1" 404 31010
159.223.56.170 - - [20/Jul/2025:19:37:34 +0200] "GET /.well-known/alfacgiapi/perl.alfa HTTP/1.1" 404 27389
159.223.56.170 - - [20/Jul/2025:19:37:35 +0200] "GET /.well-known/alfacgiapi/bash.alfa HTTP/1.1" 404 27389
159.223.56.170 - - [20/Jul/2025:19:37:35 +0200] "GET /.well-known/alfacgiapi/bash.alfa HTTP/1.1" 404 27389
159.223.56.170 - - [20/Jul/2025:19:37:35 +0200] "GET /.well-known/alfacgiapi/py.alfa HTTP/1.1" 404 27389
159.223.56.170 - - [20/Jul/2025:19:37:35 +0200] "GET /.well-known/alfacgiapi/py.alfa HTTP/1.1" 404 27389
159.223.56.170 - - [20/Jul/2025:19:37:36 +0200] "GET /.well-known/alfacgiapi/?bx=0e215962017 HTTP/1.1" 404 27389
159.223.56.170 - - [20/Jul/2025:19:37:36 +0200] "GET /.well-known/alfacgiapi/radio.php?bx=0e215962017 HTTP/1.1" 404 27389
159.223.56.170 - - [20/Jul/2025:19:37:37 +0200] "GET /.well-known/alfacgiapi/404.php?bx=0e215962017 HTTP/1.1" 404 27389
159.223
...
show less
Web Spam
Web App Attack
Anonymous
2025-07-19 12:35:00
(11 months ago)
Firewall has blocked 112 attacks over the last 10 minutes.
DDoS Attack
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
snappic
2025-07-19 08:39:17
(11 months ago)
Malicious URI path [GET /about.php] [Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) App ...
show more
Malicious URI path [GET /about.php] [Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36Team Anon Force]
show less
Bad Web Bot
Web App Attack
Anonymous
2025-07-18 22:47:19
(11 months ago)
[Drupal AbuseIPDB module] Request path is blacklisted. /wp-admin/about.php
Web App Attack
๐บ๐ธ
mawan
2025-07-17 12:18:33
(11 months ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ฎ๐ฉ
hermawan
2025-07-16 23:42:37
(11 months ago)
[Thu Jul 17 06:41:50.420639 2025] [security2:error] [pid 234198:tid 140042189035200] [client 159.223 ...
show more
[Thu Jul 17 06:41:50.420639 2025] [security2:error] [pid 234198:tid 140042189035200] [client 159.223.56.170:49719] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/alfa" at REQUEST_FILENAME. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "69"] [id "448101"] [msg "BAD REQUEST FILENAME - Detected and Blocked"] [data "Matched Data: /alfa found within REQUEST_FILENAME: /alfacgiapi/perl.alfa request_line = POST /alfacgiapi/perl.alfa HTTP/1.1"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/alfacgiapi/perl.alfa"] [unique_id "aHg4vhI1VuOe0iJLlvGb4QAAAEE"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[234226] [R3/XbxSuLkI] [aHg4vhI1VuOe0iJLlvGb4QAAAEE] keep_alive=[0] [2025-07-17 06:41:50.420645] [R:aHg4vhI1VuOe0iJLlvGb4QAAAEE] UA:'Mozilla/5.0 (Linux; Android 11; Redmi Note 9 Pro Build/RKQ1.200826.002; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/90.0.4430.210 Mobile Safari/537.36
...
show less
Hacking
Web App Attack