π³π±
Site.eu
2026-06-29 09:11:25
(1 day ago)
Excessive 404/403 errors
Brute-Force
π«π·
masterguru
2026-06-28 10:29:20
(2 days ago)
Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-201)
Hacking
Anonymous
2026-06-27 06:29:58
(3 days ago)
91.124.88.39 - - [27/Jun/2026:14:29:57 +0800] "GET /wp-admin/css/colors/blue/shell.php HTTP/1.1" 301 ...
show more
91.124.88.39 - - [27/Jun/2026:14:29:57 +0800] "GET /wp-admin/css/colors/blue/shell.php HTTP/1.1" 301 267 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
π«π·
Octopuce
2026-06-26 23:46:05
(3 days ago)
Aggressive web search of vulnerable pages: /templates/beez/ /css/ /assets/ /wp-content/plugins/wp-th ...
show more
Aggressive web search of vulnerable pages: /templates/beez/ /css/ /assets/ /wp-content/plugins/wp-theme-editor/ /wp-content/plugins/up/ /fonts/ ...
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-26 13:22:04
(4 days ago)
(mod_security) mod_security (id:240000) triggered by 91.124.88.39 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240000) triggered by 91.124.88.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 09:21:58.042964 2026] [security2:error] [pid 5896:tid 5906] [client 91.124.88.39:28097] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||lbakkercpa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "lbakkercpa.com"] [uri "/images/stories/themes.php"] [unique_id "aj589sun9jtSYRs3LVr2aAAAAIg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
Site.eu
2026-06-25 21:02:23
(4 days ago)
Excessive 404/403 errors
Brute-Force
π¬π§
consul.to
2026-06-25 08:18:17
(5 days ago)
Web attack/malicious scanning detected
Web App Attack
π¬π·
setupgr
2026-06-24 19:17:15
(5 days ago)
(mod_security) mod_security (id:1000001) triggered by 91.124.88.39 (AU/Australia/South Australia/Ade ...
show more
(mod_security) mod_security (id:1000001) triggered by 91.124.88.39 (AU/Australia/South Australia/Adelaide/-/[AS137409 GSLNETWORKS-AS-AP GSL Networks Pty LTD]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Wed Jun 24 22:17:14.700882 2026] [security2:error] [pid 246441:tid 246486] [client 91.124.88.39:64967] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/wp-includes/ID3/about.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "93"] [id "1000001"] [msg "Bad file blocked: /wp-includes/ID3/about.php"] [severity "CRITICAL"] [tag "security"] [hostname "pankoskal.gr"] [uri "/wp-includes/ID3/about.php"] [unique_id "ajwtOnxY7HlzXCTZPFFhOAAAAAw"]
show less
Port Scan
π¬π§
consul.to
2026-06-24 05:08:34
(6 days ago)
Web attack/malicious scanning detected
Web App Attack
π¬π§
consul.to
2026-06-23 02:24:19
(1 week ago)
Web attack/malicious scanning detected
Web App Attack
π«π·
Octopuce
2026-05-09 16:42:03
(1 month ago)
Aggressive web search of vulnerable pages: /about/function.php /wp-includes/ID3/about.php /wp-conten ...
show more
Aggressive web search of vulnerable pages: /about/function.php /wp-includes/ID3/about.php /wp-content/languages/404.php /update/403.php /defaul ...
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-09 01:11:40
(1 month ago)
(mod_security) mod_security (id:240000) triggered by 91.124.88.39 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240000) triggered by 91.124.88.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 21:11:33.823207 2026] [security2:error] [pid 20287:tid 20287] [client 91.124.88.39:23541] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||leviwalkerportfolio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "leviwalkerportfolio.com"] [uri "/images/stories/themes.php"] [unique_id "af6JxWBWlKCMd1U9eHKWCgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-05 15:01:07
(1 month ago)
[redacted] 91.124.88.39 - - [05/May/2026:17:01:00 +0200] "GET /.well-known/pki-validation/admin.php ...
show more
[redacted] 91.124.88.39 - - [05/May/2026:17:01:00 +0200] "GET /.well-known/pki-validation/admin.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
[redacted] 91.124.88.39 - - [05/May/2026:17:01:01 +0200] "GET /wp-includes/IXR/admin.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0"
[redacted] 91.124.88.39 - - [05/May/2026:17:01:01 +0200] "GET /wp-admin/js/index.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:71.0) Gecko/20100101 Firefox/71.0"
[redacted] 91.124.88.39 - - [05/May/2026:17:01:02 +0200] "GET /wp-admin/network/network.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.97 Safari/537.36"
[redacted] 91.124.88.39 - - [05/May/2026:17:01:03 +0200] "GET /admin/upload/css.php HTTP/1.1" 404 196 "-" "Mozilla/5
...
show less
Hacking
Web App Attack
π«π·
masterguru
2026-03-22 01:28:47
(3 months ago)
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-135)
show less
Bad Web Bot
πΊπΈ
mnsf
2026-03-21 06:05:24
(3 months ago)
Too many Status 40X (11)
Brute-Force
Web App Attack