πΊπΈ
mnsf
2026-06-04 19:07:30
(1 month ago)
Abuse Detected (2)
Brute-Force
Web App Attack
Anonymous
2026-04-25 08:48:31
(2 months ago)
Forum/form spam
Web Spam
π«π·
masterguru
2026-03-29 16:12:35
(3 months ago)
(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.39.224 (US/United States/-): 1 in the ...
show more
(modsec_5015) ModSec 5015: Suspicious User-Agent from 104.207.39.224 (US/United States/-): 1 in the last 3600 secs (0-196)
show less
Hacking
Anonymous
2026-03-22 09:09:24
(3 months ago)
Forum/form spam
Web Spam
π¬π§
relianoid.com
2026-03-06 12:42:40
(3 months ago)
POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com
Web Spam
Anonymous
2026-02-21 15:08:31
(4 months ago)
Forum/form spam
Web Spam
πΊπΈ
TPI-Abuse
2025-12-26 12:29:03
(6 months ago)
(mod_security) mod_security (id:225170) triggered by 104.207.39.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 104.207.39.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 26 07:28:57.734845 2025] [security2:error] [pid 4562:tid 4562] [client 104.207.39.224:45411] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||sharonmauldin.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sharonmauldin.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aU5_iQKk4KZSTQf6S4wrEwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-12-13 11:09:17
(6 months ago)
botnet
DDoS Attack
πΊπΈ
TPI-Abuse
2025-11-24 08:13:52
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 03:13:42.615628 2025] [security2:error] [pid 3514982:tid 3514982] [client 104.207.39.224:54505] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.wilsontribe.org"] [uri "/.svn/wc.db"] [unique_id "aSQTtnCldkO4MNjdA4frwQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-24 07:07:58
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:07:49.969371 2025] [security2:error] [pid 28541:tid 28541] [client 104.207.39.224:15649] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "appsdips.com"] [uri "/.svn/wc.db"] [unique_id "aSQERS4y2TVaLjUKifQA7gAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-24 06:48:37
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:48:23.742683 2025] [security2:error] [pid 6741:tid 6741] [client 104.207.39.224:25775] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "anniversarynapkins.com"] [uri "/.svn/wc.db"] [unique_id "aSP_t7i0K9Q8WhfDumdNhQAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-24 04:59:20
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:59:12.469115 2025] [security2:error] [pid 18193:tid 18271] [client 104.207.39.224:27645] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.rubenluis.com"] [uri "/.env"] [unique_id "aSPmIJqABul9tZzps9kfMgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-11-24 04:38:18
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.39.224 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.39.224 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:38:10.814127 2025] [security2:error] [pid 11531:tid 11531] [client 104.207.39.224:56877] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.sanvicentedelraspeig.com"] [uri "/.svn/wc.db"] [unique_id "aSPhMk1Li7HAR-Iotw4dfwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mind5t0rm
2025-11-20 01:41:14
(7 months ago)
(WPLOGIN) WP Login Attack 104.207.39.224 (US/United States/-): 3 in the last 3600 secs; Ports: *; Di ...
show more
(WPLOGIN) WP Login Attack 104.207.39.224 (US/United States/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 104.207.39.224 - - [20/Nov/2025:08:41:07 +0700] "GET /wp-login.php HTTP/2.0" 200 2549 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203"
104.207.39.224 - - [20/Nov/2025:08:41:08 +0700] "GET /wp-login.php HTTP/2.0" 200 2549 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203"
104.207.39.224 - - [20/Nov/2025:08:41:10 +0700] "POST /wp-login.php HTTP/2.0" 200 2674 "https://24hoursnewsletters.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203"
show less
Port Scan
Anonymous
2025-11-14 12:10:32
(7 months ago)
This IP was involved in a brute force and password spray attack.
Brute-Force
Web App Attack