๐จ๐ญ
4server
2026-07-17 19:37:34
(1 second ago)
[FriJul1721:37:31.5787262026][security2:error][pid1528785:tid1529031][client172.202.29.124:0]ModSecu ...
show more
[FriJul1721:37:31.5787262026][security2:error][pid1528785:tid1529031][client172.202.29.124:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\"wp-config\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"cpcontacts.lemox.ch\"][uri\"/wp-configer.php\"][unique_id\"alqEe8cHXMjdBHCiik7T5wAAAFA\"]
show less
Hacking
Web App Attack
๐ฉ๐ช
Viveronese
2026-07-17 19:35:11
(2 minutes ago)
HTTP vulnerability scanning
Web App Attack
Anonymous
2026-07-17 19:29:40
(7 minutes ago)
Fail2Ban repeated offender detected
Brute-Force
๐ฉ๐ช
0x44
2026-07-17 19:23:27
(14 minutes ago)
Web probing - backdoors/webshells with missing User-Agent
Bad Web Bot
Web App Attack
๐ฉ๐ช
KiekerJan
2026-07-17 19:21:54
(15 minutes ago)
172.202.29.124 - - [17/Jul/2026:21:21:52 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.p ...
show more
172.202.29.124 - - [17/Jul/2026:21:21:52 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 162 "-" "-"
172.202.29.124 - - [17/Jul/2026:21:21:53 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 146 "-" "-"
...
show less
Web App Attack
๐ธ๐ฌ
pusathosting.com
2026-07-17 19:20:05
(17 minutes ago)
24ds22 bruteforce
Brute-Force
Web App Attack
๐ฌ๐ง
OptimusGO
2026-07-17 19:19:51
(17 minutes ago)
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Time ...
show more
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Timestamp: 2026-07-17 20:19:50 UTC
Log evidence:
172.202.29.124 - - [17/Jul/2026:20:18:13 +0100] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 146 "-" "-"
172.202.29.124 - - [17/Jul/2026:20:18:14 +0100] "GET /wp-check.php HTTP/1.1" 404 146 "-" "-"
172.202.29.124 - - [17/Jul/2026:20:18:14 +0100] "GET /wp-logins.php HTTP/1.1" 404 146 "-" "-"
show less
Port Scan
Brute-Force
๐ณ๐ฑ
ReyhZhao
2026-07-17 19:14:28
(23 minutes ago)
Bunkerweb ModSecurity alert: Potential Remote Command Execution (RCE) detected. Unix shell code was ...
show more
Bunkerweb ModSecurity alert: Potential Remote Command Execution (RCE) detected. Unix shell code was identified within the request arguments, triggering a security rule designed to prevent application attacks.
show less
Brute-Force
Anonymous
2026-07-17 19:14:18
(23 minutes ago)
Aggressive Robot or Attack DDOS
DDoS Attack
๐บ๐ธ
itsnixk
2026-07-17 19:11:32
(26 minutes ago)
(mod_security) mod_security (id:930130) triggered by 172.202.29.124 (US/United States/-): 1 in the l ...
show more
(mod_security) mod_security (id:930130) triggered by 172.202.29.124 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jul 17 15:11:27.305229 2026] [security2:error] [pid 354237:tid 354350] [client 172.202.29.124:64364] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "config.php" at REQUEST_FILENAME. [file "/etc/modsecurity.d/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "150"] [id "930130"] [msg "Restricted File Access Attempt"] [redacted] [severity "CRITICAL"] [ver "OWASP_CRS/4.27.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/ATTACK-LFI"] [tag "capec/1000/255/153/126"] [redacted] [uri "/config.php7"] [unique_id "alp-X0GGbuXiZY0u9vNqKAAAAB4"]
show less
Port Scan
Anonymous
2026-07-17 19:06:57
(30 minutes ago)
172.202.29.124 detected on srv01
Brute-Force
๐ซ๐ท
lindi
2026-07-17 19:05:00
(32 minutes ago)
Probing for resource vulnerabilities
...
Web Spam
Brute-Force
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
lavnet.net
2026-07-17 19:00:56
(36 minutes ago)
172.202.29.124 - - [17/Jul/2026:19:00:55 +0000] "GET /202.0.php HTTP/1.1" 404 6073 "-" "-"
172.202.2 ...
show more
172.202.29.124 - - [17/Jul/2026:19:00:55 +0000] "GET /202.0.php HTTP/1.1" 404 6073 "-" "-"
172.202.29.124 - - [17/Jul/2026:19:00:55 +0000] "GET /rss.php HTTP/1.1" 404 2050 "-" "-"
172.202.29.124 - - [17/Jul/2026:19:00:55 +0000] "GET /rss.php HTTP/1.1" 404 2050 "-" "-"
172.202.29.124 - - [17/Jul/2026:19:00:55 +0000] "GET /alexus-mailer.php HTTP/1.1" 404 2050 "-" "-"
172.202.29.124 - - [17/Jul/2026:19:00:55 +0000] "GET /alexus-mailer.php HTTP/1.1" 404 2050 "-" "-"
...
show less
Brute-Force
๐ฉ๐ช
ger-stg-sifi1
2026-07-17 19:00:35
(37 minutes ago)
(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php
Web App Attack
๐ฎ๐ฉ
sockominfo
2026-07-17 19:00:28
(37 minutes ago)
Reported by TangerangKota-CSIRT. Status: MALICIOUS
Hacking
Email Spam