π§πͺ
taivas.nl
2026-07-08 04:32:22
(1 day ago)
Many_bad_calls
Web App Attack
πΊπΈ
mw
2026-07-08 00:20:29
(1 day ago)
GET /wp-admin/a.php HTTP/1.1
Web App Attack
π©πͺ
Skyrider
2026-07-07 22:02:53
(2 days ago)
Nginx: HTTP 4xx probe/scan attempts. Automated fail2ban report.
Bad Web Bot
Web App Attack
π³π±
homeshowdomain.nl
2026-07-07 21:59:39
(2 days ago)
Auto-ban: >3000 req/min op 2026-07-07
Web App Attack
SSH
Hacking
πΊπΈ
TPI-Abuse
2026-07-07 21:52:44
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 104.208.98.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.208.98.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 17:52:38.527587 2026] [security2:error] [pid 19469:tid 19469] [client 104.208.98.87:9365] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.glolady.com"] [uri "/wp-config.php"] [unique_id "ak11JmMu97QPCG8uOaHkoQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 21:35:29
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 104.208.98.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.208.98.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 17:35:22.936960 2026] [security2:error] [pid 16379:tid 16379] [client 104.208.98.87:2037] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "myomni.us"] [uri "/wp-config.php"] [unique_id "ak1xGkB_AzTVzZTRqGFYIgAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 21:17:22
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 104.208.98.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.208.98.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 17:17:19.659472 2026] [security2:error] [pid 26379:tid 26379] [client 104.208.98.87:7377] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.waynejarvi.com"] [uri "/wp-config.php"] [unique_id "ak1s3wcPZofNrWTIi0LyrQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
Dorian GRANDHAY
2026-07-07 21:13:36
(2 days ago)
(PERMBLOCK) 104.208.98.87 (HK/Hong Kong/-) has had more than 4 temp blocks in the last 604800 secs; ...
show more
(PERMBLOCK) 104.208.98.87 (HK/Hong Kong/-) has had more than 4 temp blocks in the last 604800 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs:
show less
Port Scan
π©πͺ
YF
2026-07-07 21:00:11
(2 days ago)
Attaque distribuΓ©e subnet
DDoS Attack
Web App Attack
π¨π
zynex
2026-07-07 20:59:40
(2 days ago)
URL Probing: /wp-content/plugins/hellopress/wp_filemanager.php
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 20:50:07
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 104.208.98.87 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.208.98.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 16:50:00.089566 2026] [security2:error] [pid 8270:tid 8270] [client 104.208.98.87:9441] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.acpalms.com"] [uri "/wp-config.php"] [unique_id "ak1meHuv2LaSAsaiME3liAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¬π§
Smish
2026-07-07 20:36:05
(2 days ago)
HONEYPOT HIT --> Fail2ban time=1783456564 log=2026-07-07T21:36:04+01:00 ip=104.208.98.87 host=vmhost ...
show more
HONEYPOT HIT --> Fail2ban time=1783456564 log=2026-07-07T21:36:04+01:00 ip=104.208.98.87 host=vmhost01.mci.as210667.net method=GET uri="/wp-login.php" status=404 ua="-" ref="-" rid=3ff6f31fcd63eb049f533e808f17aa2f
show less
Web App Attack
π¦π±
router.al
2026-07-07 20:31:13
(2 days ago)
07/07/2026-20:31:13.343943 104.208.98.87 Protocol: 6 ET WEB_SERVER WEB-PHP phpinfo access
Port Scan
π©πͺ
Lino Project
2026-07-07 20:30:41
(2 days ago)
104.208.98.87 - - [07/Jul/2026:22:30:37 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ...
show more
104.208.98.87 - - [07/Jul/2026:22:30:37 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 56310 "-" "-"
...
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
polarolouis
2026-07-07 20:30:31
(2 days ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-admin-interface-probing
Web App Attack
Hacking