๐ต๐น
Subnet Phantom Veil
2026-07-05 10:33:39
(17 hours ago)
[Security Alert] Targeted scanning for WordPress vulnerabilities has been detected. Access automatic ...
show more
[Security Alert] Targeted scanning for WordPress vulnerabilities has been detected. Access automatically blocked, and the IP Address banned. [Method]: => GET. [Request]: => /wp-json/gravitysmtp/v1/tests/mock-data?page=gravitysmtp-settings. Access revoked. [User-Agent]: curl/8.7.1. [OS]: Unknown. [IP Address]: 104.207.33.23. [Date]: 2026-07-05 11:21:50 UTC.
show less
Bad Web Bot
Hacking
Port Scan
Web App Attack
๐บ๐ธ
lostswordfish.com
2026-05-27 13:34:05
(1 month ago)
Wordfence waf block on registrymatters
Web App Attack
๐ต๐ฑ
sefinek.net
2026-04-02 04:20:59
(3 months ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (G ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (GET) | Endpoint: / | UA: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0 โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ฉ๐ช
Mr-Money
2026-02-18 03:40:43
(4 months ago)
scenario: crowdsecurity/http-sensitive-files - events: 5
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-02-18 01:15:38
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.33.23 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.33.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 17 20:15:31.620029 2026] [security2:error] [pid 1525463:tid 1525463] [client 104.207.33.23:45343] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "penisbreath.com"] [uri "/.git/config"] [unique_id "aZUSs_4TyEmTal7dSjPyJQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-02-15 23:06:12
(4 months ago)
Scanning/Probing (25)
Brute-Force
Web App Attack
๐ง๐พ
lns.bz
2026-02-15 12:17:57
(4 months ago)
.env scanning [BY]
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 12:10:47
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.33.23 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.33.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 07:10:40.271361 2026] [security2:error] [pid 19790:tid 19831] [client 104.207.33.23:47995] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "teddysdeli.com"] [uri "/wp/.git/config"] [unique_id "aZG3wKueBSr7dToNCHWT8QAAAMg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 05:48:34
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.33.23 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.33.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 15 00:48:26.374909 2026] [security2:error] [pid 915204:tid 915204] [client 104.207.33.23:55873] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sweak.com"] [uri "/test/.git/config"] [unique_id "aZFeKq-On2SUnHIsZzBmoQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 04:00:28
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.33.23 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.33.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 23:00:23.552077 2026] [security2:error] [pid 184122:tid 184243] [client 104.207.33.23:55171] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "stoborough.org"] [uri "/.env.save"] [unique_id "aZFE1xZxbpqQBAmMeBF8AgAAAhY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 03:01:37
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.33.23 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.33.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 22:01:34.805838 2026] [security2:error] [pid 22778:tid 22778] [client 104.207.33.23:37349] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ssl-grp.com"] [uri "/dev/.git/config"] [unique_id "aZE3DjX-PrQALyXTYDki7gAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 02:44:06
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.33.23 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.33.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:43:58.819143 2026] [security2:error] [pid 27084:tid 27084] [client 104.207.33.23:52001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "naghmehfarahmand.com"] [uri "/.env.production"] [unique_id "aZEy7t7x2xFTql1aySfQ9wAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ParaBug
2026-02-15 02:32:04
(4 months ago)
104.207.33.23 - - [15/Feb/2026:03:32:03 +0100] "GET /app/.git/config HTTP/1.1" 301 539 "-" "Mozilla/ ...
show more
104.207.33.23 - - [15/Feb/2026:03:32:03 +0100] "GET /app/.git/config HTTP/1.1" 301 539 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
...
show less
Phishing
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 02:29:03
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.33.23 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.33.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 21:28:56.790060 2026] [security2:error] [pid 14318:tid 14318] [client 104.207.33.23:17249] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "spiht.com"] [uri "/new/.git/config"] [unique_id "aZEvaA1hkl1endE84bjCJgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-15 01:55:32
(4 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.33.23 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.33.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 20:55:24.271146 2026] [security2:error] [pid 799:tid 799] [client 104.207.33.23:58157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mydobdate.net"] [uri "/.env.local"] [unique_id "aZEnjFsWPMSXN3qpqW3oGQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack