๐ซ๐ท
dynamix
2026-07-08 07:00:52
(2 days ago)
Multiple WAF Violations
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 17:42:20
(2 days ago)
(mod_security) mod_security (id:240000) triggered by 203.159.81.84 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240000) triggered by 203.159.81.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 13:42:14.559507 2026] [security2:error] [pid 2210:tid 2210] [client 203.159.81.84:59351] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||coloradohifi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "coloradohifi.com"] [uri "/images/stories/themes.php"] [unique_id "ak06do7OyYgOL7EJt1XrVQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-07 05:06:07
(3 days ago)
Trying to access config files
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 02:30:58
(3 days ago)
(mod_security) mod_security (id:225170) triggered by 203.159.81.84 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 203.159.81.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 22:30:54.854621 2026] [security2:error] [pid 7442:tid 7442] [client 203.159.81.84:40819] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.furbabieslivesmatter.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.furbabieslivesmatter.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "akxk3iFdtsNsnsOUohtp6AAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
conseilgouz
2026-06-28 18:25:51
(1 week ago)
loe-7 : Trying access unauthorized files/dir=>//wp-admin/css/index.php
Hacking
๐ฌ๐ง
consul.to
2026-06-23 04:37:46
(2 weeks ago)
Web attack/malicious scanning detected
Web App Attack
๐ฏ๐ต
demonsword
2026-06-11 09:04:21
(4 weeks ago)
Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ...
show more
Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: api.cyberghostvpn.com:443
show less
Open Proxy
Port Scan
๐บ๐ธ
TPI-Abuse
2026-02-23 23:53:21
(4 months ago)
(mod_security) mod_security (id:240000) triggered by 203.159.81.84 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240000) triggered by 203.159.81.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 18:53:16.760256 2026] [security2:error] [pid 19915:tid 19915] [client 203.159.81.84:57863] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||riverflow.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "riverflow.com"] [uri "/images/stories/themes.php"] [unique_id "aZzobFtECTAkglHFYAQ-AAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-02-23 20:09:43
(4 months ago)
203.159.81.84 - - [23/Feb/2026:22:09:41 +0200] "GET /wp-admin/css/colors/midnight/admin.php HTTP/1.1 ...
show more
203.159.81.84 - - [23/Feb/2026:22:09:41 +0200] "GET /wp-admin/css/colors/midnight/admin.php HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:79.0) Gecko/20100101 Firefox/79.0"
203.159.81.84 - - [23/Feb/2026:22:09:42 +0200] "GET /wp-includes/style-engine/worksec.php HTTP/1.1" 404 280 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0"
...
show less
Web App Attack
๐ฌ๐ง
consul.to
2026-02-23 08:18:51
(4 months ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-22 16:24:29
(4 months ago)
(mod_security) mod_security (id:240000) triggered by 203.159.81.84 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240000) triggered by 203.159.81.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 22 11:24:25.888815 2026] [security2:error] [pid 3943:tid 3943] [client 203.159.81.84:45395] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||www.thendco.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "www.thendco.com"] [uri "/images/stories/themes.php"] [unique_id "aZstuS4MeBVoG7WuUHBc_QAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-02-22 11:20:32
(4 months ago)
203.159.81.84 - - [22/Feb/2026:13:20:30 +0200] "GET /wp-includes/blocks/table/int/tmpl/index.php HTT ...
show more
203.159.81.84 - - [22/Feb/2026:13:20:30 +0200] "GET /wp-includes/blocks/table/int/tmpl/index.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
203.159.81.84 - - [22/Feb/2026:13:20:31 +0200] "GET /wp-includes/js/jquery/suggest.php HTTP/1.1" 404 282 "-" "Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:73.0) Gecko/20100101 Firefox/73.0"
...
show less
Web App Attack
Anonymous
2026-02-15 12:00:06
(4 months ago)
| [Normal/Israel] Agressive IP 203.159.81.84 (~350 hits). Type: DoS Defender- Web server 400 error c ...
show more
| [Normal/Israel] Agressive IP 203.159.81.84 (~350 hits). Type: DoS Defender- Web server 400 error code
show less
Hacking
SQL Injection
Web App Attack
๐ฆ๐บ
nzhost.co.nz
2026-02-09 11:53:39
(5 months ago)
$f2bV_matches
Hacking
Brute-Force
Anonymous
2026-01-26 05:23:00
(5 months ago)
wordpress-trap
Web App Attack