๐ซ๐ท
ELYAZ
2026-06-30 15:06:42
(18 hours ago)
(y4) Failed scan -byebye- from 104.207.57.230 (DE/Germany/-): (CF_ENABLE)
Hacking
๐ซ๐ท
pm33
2026-06-30 07:32:18
(1 day ago)
Wordpress login attempts
Brute-Force
๐ซ๐ท
ELYAZ
2026-06-29 01:35:43
(2 days ago)
(y4) Failed scan -byebye- from 104.207.57.230 (DE/Germany/-): (CF_ENABLE)
Hacking
๐ฉ๐ช
SCHAPPY
2026-06-28 20:57:52
(2 days ago)
Wordpress attack: Submitted data to wp-login.php prior getting page content, attempt blocked. POST c ...
show more
Wordpress attack: Submitted data to wp-login.php prior getting page content, attempt blocked. POST counter 1 is greater than GET counter 0, captcha counter for /wp-login.php by 104.207.57.230.
show less
Web Spam
๐ฒ๐น
Malta
2026-06-28 01:23:56
(3 days ago)
104.207.57.230 - - [28/Jun/2026:03:23:56 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Ubu ...
show more
104.207.57.230 - - [28/Jun/2026:03:23:56 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36"
Brute-force password attempt
show less
Hacking
Web App Attack
Brute-Force
๐ซ๐ท
Hippoline
2026-06-27 22:51:05
(3 days ago)
Jun 28 00:51:02 local wp(XXXX-B)[21369]: Authentication attempt for unknown user wpapitest from ::ff ...
show more
Jun 28 00:51:02 local wp(XXXX-B)[21369]: Authentication attempt for unknown user wpapitest from ::ffff:104.207.57.230
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-28 20:11:29
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.57.230 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.57.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 15:11:21.623282 2025] [security2:error] [pid 13519:tid 13519] [client 104.207.57.230:50517] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aares2026.net"] [uri "/wp-config.php.old"] [unique_id "aSoB6QxDjkeKNKz3FsqwvgAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-28 05:19:14
(7 months ago)
(mod_security) mod_security (id:210730) triggered by 104.207.57.230 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 104.207.57.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 28 00:19:08.155670 2025] [security2:error] [pid 17836:tid 17836] [client 104.207.57.230:17145] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||9288889602.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "9288889602.com"] [uri "/database.sql"] [unique_id "aSkwzAPySBTsUtU5YSma0wAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
geot
2025-11-25 14:05:46
(7 months ago)
GET /.git/HEAD HTTP/1.1
Hacking
Web App Attack
Anonymous
2025-11-24 08:29:36
(7 months ago)
Malicious activity detected
Hacking
Web App Attack
๐ฑ๐ป
garmtech.com
2025-11-24 08:12:46
(7 months ago)
Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 07:49:12
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.57.230 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.57.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 02:47:08.312196 2025] [security2:error] [pid 132008:tid 132029] [client 104.207.57.230:54947] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.dreyerlabs.com"] [uri "/.git/HEAD"] [unique_id "aSQNfAH-XN5lTt6cMbdLBwAAAFA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 06:30:14
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.57.230 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.57.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 01:29:56.966876 2025] [security2:error] [pid 30589:tid 30589] [client 104.207.57.230:26549] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.med-engineering.com"] [uri "/.git/HEAD"] [unique_id "aSP7ZKIsVUxCxlJdkP7yFQAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 05:24:22
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.57.230 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.57.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:24:16.445247 2025] [security2:error] [pid 15615:tid 15615] [client 104.207.57.230:39445] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.cafelimelight.info"] [uri "/.svn/wc.db"] [unique_id "aSPsALVtxtEC7R6TmV__tgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-24 04:14:24
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.57.230 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.57.230 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 23:14:15.471881 2025] [security2:error] [pid 19513:tid 19513] [client 104.207.57.230:42063] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.jkg1.com"] [uri "/.env"] [unique_id "aSPbl_GxQB3oNizPukZ2jwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack