๐บ๐ธ
TPI-Abuse
2026-07-03 12:07:18
(7 hours ago)
(mod_security) mod_security (id:240000) triggered by 91.124.88.23 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240000) triggered by 91.124.88.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 08:07:10.920909 2026] [security2:error] [pid 23128:tid 23128] [client 91.124.88.23:35023] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||theledman.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "theledman.com"] [uri "/images/stories/themes.php"] [unique_id "akel7n9PCPgg22ClpYH1pAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-02 15:13:16
(1 day ago)
Multiple WAF Violations
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-01 03:46:52
(2 days ago)
Excessive 404/403 errors
Brute-Force
๐ซ๐ท
Baking333
2026-06-30 15:36:24
(3 days ago)
[redacted] 91.124.88.23 - - [30/Jun/2026:16:36:22 +0100] "GET /wp-content/plugins/ubh/[redacted] HTT ...
show more
[redacted] 91.124.88.23 - - [30/Jun/2026:16:36:22 +0100] "GET /wp-content/plugins/ubh/[redacted] HTTP/1.1" 301 576 0/133 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0" [redacted] 91.124.88.23 - - [30/Jun/2026:16:36:23 +0100] "GET /wp-admin/images/[redacted] HTTP/1.1" 301 576 0/294 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:77.0) Gecko/20100101 Firefox/77.0"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 06:14:33
(4 days ago)
(mod_security) mod_security (id:240000) triggered by 91.124.88.23 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240000) triggered by 91.124.88.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 02:14:29.743815 2026] [security2:error] [pid 12138:tid 12138] [client 91.124.88.23:26173] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||hker.hongkonger.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "hker.hongkonger.org"] [uri "/images/stories/themes.php"] [unique_id "akINRQdSpGSm849OB_fdBwAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-28 19:21:23
(4 days ago)
Excessive 404/403 errors
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-27 06:35:21
(6 days ago)
(mod_security) mod_security (id:240000) triggered by 91.124.88.23 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240000) triggered by 91.124.88.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 02:35:16.406512 2026] [security2:error] [pid 22293:tid 22293] [client 91.124.88.23:57193] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||clossglobal.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "clossglobal.com"] [uri "/images/stories/themes.php"] [unique_id "aj9vJIfMJ812r5Ua9ZZ8aAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-27 06:26:33
(6 days ago)
91.124.88.23 - - [27/Jun/2026:14:26:33 +0800] "GET /cgi-bin/class.api.php HTTP/1.1" 301 254 "-" "Moz ...
show more
91.124.88.23 - - [27/Jun/2026:14:26:33 +0800] "GET /cgi-bin/class.api.php HTTP/1.1" 301 254 "-" "Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/84.0.4147.105 Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
๐ซ๐ท
Octopuce
2026-06-26 14:11:32
(1 week ago)
Aggressive web search of vulnerable pages: /assets/bypass.php /aa.php /index2.php /wp-content/themes ...
show more
Aggressive web search of vulnerable pages: /assets/bypass.php /aa.php /index2.php /wp-content/themes/hello-element/footer.php /wp-admin/network ...
show less
Web App Attack
๐ฌ๐ท
setupgr
2026-06-24 19:16:45
(1 week ago)
(mod_security) mod_security (id:1000001) triggered by 91.124.88.23 (AU/Australia/South Australia/Ade ...
show more
(mod_security) mod_security (id:1000001) triggered by 91.124.88.23 (AU/Australia/South Australia/Adelaide/-/[AS137409 GSLNETWORKS-AS-AP GSL Networks Pty LTD]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 24 22:16:40.406989 2026] [security2:error] [pid 246441:tid 246496] [client 91.124.88.23:28421] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/db.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "93"] [id "1000001"] [msg "Bad file blocked: /wp-content/plugins/seoplugins/db.php"] [severity "CRITICAL"] [tag "security"] [hostname "pankoskal.gr"] [uri "/wp-content/plugins/seoplugins/db.php"] [unique_id "ajwtGHxY7HlzXCTZPFFhMgAAABY"]
show less
Port Scan
๐ฌ๐ง
consul.to
2026-06-23 15:29:20
(1 week ago)
Web attack/malicious scanning detected
Web App Attack
๐ซ๐ท
Octopuce
2026-05-09 16:49:22
(1 month ago)
Aggressive web search of vulnerable pages: /moon.php /webadmin.php /wp-includes/PHPMailer/about.php ...
show more
Aggressive web search of vulnerable pages: /moon.php /webadmin.php /wp-includes/PHPMailer/about.php /xl2023.php /go.php /wp-admin/xleet.php /te ...
show less
Web App Attack
๐ณ๐ฑ
Site.eu
2026-05-05 13:03:16
(1 month ago)
Excessive 404/403 errors
Brute-Force
๐ฆ๐บ
oncord
2026-04-16 14:49:27
(2 months ago)
Form spam
Web Spam
๐บ๐ธ
mnsf
2026-03-22 03:05:22
(3 months ago)
Too many Status 40X (11)
Brute-Force
Web App Attack