๐ซ๐ท
dynamix
2026-06-29 13:13:32
(21 hours ago)
Multiple WAF Violations
Web App Attack
๐ซ๐ท
Octopuce
2026-06-27 10:52:35
(2 days ago)
Aggressive web search of vulnerable pages: /wp-header.php /wp-content/themes/admin.php /Marvins.php ...
show more
Aggressive web search of vulnerable pages: /wp-header.php /wp-content/themes/admin.php /Marvins.php /wp-content/about.php /wp-class.php /xx.php ...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 04:40:14
(3 days ago)
(mod_security) mod_security (id:240000) triggered by 45.133.7.70 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240000) triggered by 45.133.7.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 00:40:08.261254 2026] [security2:error] [pid 24254:tid 24254] [client 45.133.7.70:59401] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||stlouisdave.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "stlouisdave.com"] [uri "/images/stories/themes.php"] [unique_id "aj9UKFA6HUKe00i5aOtnxwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Rip
2026-06-25 20:20:04
(4 days ago)
Unauthorized access attempts across vhosts probing for web-shells and backdoors.
Web App Attack
๐ฌ๐ง
consul.to
2026-06-24 06:00:12
(6 days ago)
Web attack/malicious scanning detected
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-24 03:53:46
(6 days ago)
Excessive 404/403 errors
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-24 03:06:57
(6 days ago)
(mod_security) mod_security (id:240000) triggered by 45.133.7.70 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240000) triggered by 45.133.7.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 23:06:50.436201 2026] [security2:error] [pid 13549:tid 13549] [client 45.133.7.70:34589] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||waynemather.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "waynemather.com"] [uri "/images/stories/themes.php"] [unique_id "ajtJyml2nCxflgY6RRr53wAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-22 18:11:54
(1 week ago)
(mod_security) mod_security (id:240000) triggered by 45.133.7.70 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240000) triggered by 45.133.7.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 14:11:49.518659 2026] [security2:error] [pid 14885:tid 14885] [client 45.133.7.70:52587] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "87"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||sra-ep.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "sra-ep.org"] [uri "/images/stories/themes.php"] [unique_id "ajl65V50tEeZZodrqbUTUwAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-06-22 05:32:50
(1 week ago)
Web attack/malicious scanning detected
Web App Attack
๐ซ๐ท
masterguru
2026-06-22 01:08:22
(1 week ago)
Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-201)
Hacking
๐ฌ๐ง
consul.to
2026-06-20 07:23:49
(1 week ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 04:07:14
(1 week ago)
(mod_security) mod_security (id:240000) triggered by 45.133.7.70 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240000) triggered by 45.133.7.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 00:07:10.579859 2026] [security2:error] [pid 32692:tid 32692] [client 45.133.7.70:28187] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||bilimkurgumanyagi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "bilimkurgumanyagi.com"] [uri "/images/stories/themes.php"] [unique_id "ajYR7nt2WLKKpddAhG0B1QAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-19 17:12:39
(1 week ago)
45.133.7.70 - - [20/Jun/2026:01:12:36 +0800] "GET /images/class-config.php HTTP/1.1" 404 196 "-" "Mo ...
show more
45.133.7.70 - - [20/Jun/2026:01:12:36 +0800] "GET /images/class-config.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
45.133.7.70 - - [20/Jun/2026:01:12:36 +0800] "GET /components/com_jea/views/form/tmpl/size.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (compatible; MSIE 10.0; Windows NT 6.1; Trident/6.0)"
45.133.7.70 - - [20/Jun/2026:01:12:36 +0800] "GET /templates/beez/index.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
45.133.7.70 - - [20/Jun/2026:01:12:37 +0800] "GET /bypass.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:72.0) Gecko/20100101 Firefox/72.0"
45.133.7.70 - - [20/Jun/2026:01:12:37 +0800] "GET /class.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/75.0.3770.100 Safari/537.36"
45.133.7.70 - - [20/Jun/2026:01:1
...
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
conseilgouz
2026-06-19 06:11:46
(1 week ago)
doe-7 : Trying access unauthorized files/dir=>/.wp/wso.php
Hacking
๐ซ๐ท
SpaceHost-Server
2026-06-18 22:32:39
(1 week ago)
Brute-Force
Web App Attack