๐ซ๐ท
Baking333
2026-07-03 09:14:51
(2 hours ago)
[redacted] 47.84.202.108 - - [03/Jul/2026:10:14:49 +0100] "GET /administrator/[redacted] HTTP/2.0" 3 ...
show more
[redacted] 47.84.202.108 - - [03/Jul/2026:10:14:49 +0100] "GET /administrator/[redacted] HTTP/2.0" 301 294 "-" "Mozilla/5.0 (Linux; Android 11; Redmi Note 9 Pro Build/RKQ1.200826.002; wv) AppleWebKit/5310.36 (KHTML, like Gecko) Version/4.0 Chrome/90.0.4430.210 Mobile Safari/5310.36" [redacted] 47.84.202.108 - - [03/Jul/2026:10:14:50 +0100] "GET /administrator/ HTTP/2.0" 301 76 "-" "Mozilla/5.0 (Linux; Android 11; Redmi Note 9 Pro Build/RKQ1.200826.002; wv) AppleWebKit/5310.36 (KHTML, like Gecko) Version/4.0 Chrome/90.0.4430.210 Mobile Safari/5310.36"
show less
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-07-03 01:30:59
(10 hours ago)
Repeated 404 errors, blocked by Fail2ban in custom-404 jail
Bad Web Bot
๐ง๐ช
Saec
2026-07-02 18:00:10
(17 hours ago)
Jarvis auto-ban: CF honeypot path /wp-login.php (1ร on saec.me)
Port Scan
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-02 08:00:34
(1 day ago)
[Thu Jul 02 18:00:33.862771 2026] [security2:error] [pid 491564] [client 47.84.202.108:64277] [clien ...
show more
[Thu Jul 02 18:00:33.862771 2026] [security2:error] [pid 491564] [client 47.84.202.108:64277] [client 47.84.202.108] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.com.au"] [uri "/.env"] [unique_id "akYaoYVa_geNKL9oGKy2GgAAAAQ"]
...
show less
Web App Attack
๐ซ๐ท
Baking333
2026-07-01 23:51:23
(1 day ago)
[redacted] 47.84.202.108 - - [02/Jul/2026:00:51:21 +0100] "GET /administrator/[redacted] HTTP/2.0" 3 ...
show more
[redacted] 47.84.202.108 - - [02/Jul/2026:00:51:21 +0100] "GET /administrator/[redacted] HTTP/2.0" 301 295 "-" "Mozilla/5.0 (Linux; Android 11; Redmi Note 9 Pro Build/RKQ1.200826.002; wv) AppleWebKit/5310.36 (KHTML, like Gecko) Version/4.0 Chrome/90.0.4430.210 Mobile Safari/5310.36" [redacted] 47.84.202.108 - - [02/Jul/2026:00:51:21 +0100] "GET /administrator/ HTTP/2.0" 301 53 "-" "Mozilla/5.0 (Linux; Android 11; Redmi Note 9 Pro Build/RKQ1.200826.002; wv) AppleWebKit/5310.36 (KHTML, like Gecko) Version/4.0 Chrome/90.0.4430.210 Mobile Safari/5310.36"
show less
Bad Web Bot
Web App Attack
๐ซ๐ท
demomodule
2026-07-01 15:24:04
(1 day ago)
PrestaShop Security Module: WordPress probe path detected
Web App Attack
๐ง๐ช
Saec
2026-07-01 11:15:04
(2 days ago)
Jarvis auto-ban: CF honeypot path /wp-login.php (1ร on saec.me)
Port Scan
Web App Attack
๐บ๐ธ
nyt
2026-06-30 04:46:11
(3 days ago)
POST to /admin/index.php suggests unauthorized access attempt., Sensitive File Probe
Web App Attack
๐จ๐ญ
Origon
2026-06-29 18:40:36
(3 days ago)
http-admin-interface-probing - IP: 47.84.202.108 - time="2026-06-29T20:40:35+02:00" level=info msg= ...
show more
http-admin-interface-probing - IP: 47.84.202.108 - time="2026-06-29T20:40:35+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-admin-interface-probing by ip 47.84.202.108 (SG/45102) : 4h ban on Ip 47.84.202.108" module=db
show less
Web App Attack
๐ฉ๐ช
4server
2026-06-29 16:31:17
(3 days ago)
[MonJun2918:31:14.2755912026][security2:error][pid3241070:tid3241155][client47.84.202.108:0]ModSecur ...
show more
[MonJun2918:31:14.2755912026][security2:error][pid3241070:tid3241155][client47.84.202.108:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:\\\\\\\\b\(\?:\\\\\\\\.\(\?:ht\(\?:access\|passwd\|group\)\|www_\?acl\)\|global\\\\\\\\.asa\|httpd\\\\\\\\.conf\|boot\\\\\\\\.ini\|web.config\)\\\\\\\\b\|\(\|\^\|\\\\\\\\.\\\\\\\\.\)/etc/\|/\\\\\\\\.\(\?:history\|bash_history\|sh_history\|env\)\$\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"204\"][id\"390709\"][rev\"30\"][msg\"Atomicorp.comWAFRules:Attempttoaccessprotectedfileremotely\"][data\"/.env\"][severity\"CRITICAL\"][hostname\"restaurantgandria.ch\"][uri\"/dev/.env\"][unique_id\"akKd0moMiHrc1fNmO2L1-AAAAJY\"]
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 13:46:19
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 47.84.202.108 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 47.84.202.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 09:46:13.536943 2026] [security2:error] [pid 22879:tid 22879] [client 47.84.202.108:61017] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chatgptfrance.net"] [uri "/.env"] [unique_id "akJ3JV-0r4DsgvvbJFnDagAAACg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
demomodule
2026-06-29 04:10:02
(4 days ago)
PrestaShop Security Module: WordPress probe path detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 21:58:38
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 47.84.202.108 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 47.84.202.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 17:58:34.057007 2026] [security2:error] [pid 15761:tid 15761] [client 47.84.202.108:59800] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "frogdesignmexico.com"] [uri "/.env"] [unique_id "akGZCrZ71nLK8ggGkXDSTQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 16:36:33
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 47.84.202.108 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 47.84.202.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 12:36:25.981843 2026] [security2:error] [pid 29494:tid 29494] [client 47.84.202.108:52492] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.zezel.com"] [uri "/.env"] [unique_id "akFNifuG5KJQFYvibh5l6gAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
Saec
2026-06-28 10:45:06
(5 days ago)
Jarvis auto-ban: CF honeypot path /wp-login.php (1ร on saec.me)
Port Scan
Web App Attack