๐ซ๐ท
dynamix
2026-07-02 18:24:47
(20 hours ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 15:04:42
(23 hours ago)
(mod_security) mod_security (id:240000) triggered by 173.239.196.107 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240000) triggered by 173.239.196.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 11:04:35.146205 2026] [security2:error] [pid 21788:tid 21788] [client 173.239.196.107:43423] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||beeswaxnews.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "beeswaxnews.com"] [uri "/images/stories/themes.php"] [unique_id "akZ-A1z6mNQlpvmPt5FlGwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-02 09:46:55
(1 day ago)
Excessive 404/403 errors
Brute-Force
๐ซ๐ท
masterguru
2026-06-30 02:04:28
(3 days ago)
Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-195)
Hacking
๐ฏ๐ต
beon
2026-06-29 16:08:23
(3 days ago)
[DateTime=>2026-06-29T16:08:23Z to 2026-06-29T16:09:08Z (UTC)] , [HoneyPot_Hits=>253 times] , [Honey ...
show more
[DateTime=>2026-06-29T16:08:23Z to 2026-06-29T16:09:08Z (UTC)] , [HoneyPot_Hits=>253 times] , [HoneyPots=>/.trash7206/index.php, /storage/framework/views/core.php, /wp-content/plugins/so-pinyin-slugs/inc/main_json.php, /wp-includes/blocks/latest-comments/template-loader.php, /wp-content/themes/twentytwentyfour/patterns/template-singl-portfolio.php, /wp-content/wpvivid_uploads/wp-conflg.php and others] , [404targets=>/update/, /modules/mod_simplefileuploadv1.3/elements/, /js/, /.well-known/pki-validation/, /autoload_classmap/, /templates/beez3/ and others] , [total_Hits=>285 times] , [hit_per_second=>6.33] , [Keyword=>WordPress, file manager scripts, .well-known, PHP web shells]
show less
Bad Web Bot
Web App Attack
Hacking
๐ณ๐ฑ
Site.eu
2026-06-29 09:53:21
(4 days ago)
Excessive 404/403 errors
Brute-Force
๐ซ๐ท
Octopuce
2026-06-28 17:46:38
(4 days ago)
Aggressive web search of vulnerable pages: /update/ /themes/zMousse/ /wp-content/plugins/ubh/ /wp-co ...
show more
Aggressive web search of vulnerable pages: /update/ /themes/zMousse/ /wp-content/plugins/ubh/ /wp-content/plugins/seoplugins/ /wp-content/theme ...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 19:19:13
(5 days ago)
(mod_security) mod_security (id:240000) triggered by 173.239.196.107 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240000) triggered by 173.239.196.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 15:19:09.004625 2026] [security2:error] [pid 7890:tid 7890] [client 173.239.196.107:33371] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||genevainvestors.internetnameregistration.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "genevainvestors.internetnameregistration.com"] [uri "/images/stories/themes.php"] [unique_id "akAiLSDZARXAU-fC3V20rwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-06-25 14:48:43
(1 week ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
myagent.site
2026-03-10 19:10:17
(3 months ago)
Blocking for trying to access an exploit file: //xmlrpc.php?rsd
Hacking
Anonymous
2026-03-02 14:40:39
(4 months ago)
ALFA.TEaM.Web.Shell
Web App Attack
๐ณ๐ฟ
Antinson
2026-02-25 07:07:31
(4 months ago)
Scraping with a high error ratio and request rate
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-02-23 15:29:45
(4 months ago)
(mod_security) mod_security (id:240000) triggered by 173.239.196.107 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240000) triggered by 173.239.196.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 10:29:40.648649 2026] [security2:error] [pid 7613:tid 7613] [client 173.239.196.107:52131] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||explorediablo.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "explorediablo.com"] [uri "/images/stories/themes.php"] [unique_id "aZxyZDjGfrWHU3CmyRDVaAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-02-23 12:56:28
(4 months ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-22 08:46:51
(4 months ago)
(mod_security) mod_security (id:240000) triggered by 173.239.196.107 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240000) triggered by 173.239.196.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 03:46:45.390561 2026] [security2:error] [pid 23029:tid 23029] [client 173.239.196.107:51525] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||azpinklimos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "azpinklimos.com"] [uri "/images/stories/themes.php"] [unique_id "aZrCdbvGrpmA1v51fLU18wAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack