Anonymous
2026-07-05 12:39:39
(3 days ago)
[Sun Jul 05 14:39:38.825968 2026] [authz_core:error] [pid 12745] [client 104.23.175.47:13208] AH0163 ...
show more
[Sun Jul 05 14:39:38.825968 2026] [authz_core:error] [pid 12745] [client 104.23.175.47:13208] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sun Jul 05 14:39:39.011662 2026] [authz_core:error] [pid 12745] [client 104.23.175.47:13208] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sun Jul 05 14:39:39.367790 2026] [authz_core:error] [pid 12745] [client 104.23.175.47:13208] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
Anonymous
2026-07-03 00:31:07
(5 days ago)
[Fri Jul 03 02:31:05.335042 2026] [authz_core:error] [pid 6340] [client 104.23.175.47:10059] AH01630 ...
show more
[Fri Jul 03 02:31:05.335042 2026] [authz_core:error] [pid 6340] [client 104.23.175.47:10059] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Fri Jul 03 02:31:05.511449 2026] [authz_core:error] [pid 6340] [client 104.23.175.47:10059] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Fri Jul 03 02:31:05.690587 2026] [authz_core:error] [pid 6340] [client 104.23.175.47:10059] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
Anonymous
2026-06-30 07:54:39
(1 week ago)
104.23.175.47 - - > tecnicman.it [30/Jun/2026:09:54:15 +0200] "POST /xmlrpc.php HTTP/2.0" 301 162 "- ...
show more
104.23.175.47 - - > tecnicman.it [30/Jun/2026:09:54:15 +0200] "POST /xmlrpc.php HTTP/2.0" 301 162 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15" "2407:aa80:15:e1f3::c"
104.23.175.47 - - > tecnicman.it [30/Jun/2026:09:54:38 +0200] "POST /wpsite/xmlrpc.php HTTP/2.0" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" "2407:aa80:15:e1f3::c"
104.23.175.47 - - > tecnicman.it [30/Jun/2026:09:54:38 +0200] "POST /wpsite/xmlrpc.php HTTP/2.0" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36 Edg/138.0.0.0" "2407:aa80:15:e1f3::c"
104.23.175.47 - - > tecnicman.it [30/Jun/2026:09:54:39 +0200] "POST /old/xmlrpc.php HTTP/2.0" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0" "2407:aa80:15:e1f3::c"
...
show less
Hacking
Bad Web Bot
Web App Attack
Anonymous
2026-06-27 09:48:43
(1 week ago)
104.23.175.47 - - > tecnicman.it [27/Jun/2026:11:47:21 +0200] "POST /wp-login.php HTTP/2.0" 301 162 ...
show more
104.23.175.47 - - > tecnicman.it [27/Jun/2026:11:47:21 +0200] "POST /wp-login.php HTTP/2.0" 301 162 "https://tecnicman.it/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36" "161.118.221.77"
104.23.175.47 - - > tecnicman.it [27/Jun/2026:11:48:39 +0200] "POST /wp-login.php HTTP/2.0" 301 162 "https://tecnicman.it/wp-login.php" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36" "161.118.221.77"
104.23.175.47 - - > tecnicman.it [27/Jun/2026:11:48:40 +0200] "POST /wp-login.php HTTP/2.0" 301 162 "https://tecnicman.it/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.131 Safari/537.36" "161.118.221.77"
104.23.175.47 - - > tecnicman.it [27/Jun/2026:11:48:41 +0200] "POST /wp-login.php HTTP/2.0" 301 162 "https://tecnicman.it/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Ge
...
show less
Hacking
Bad Web Bot
Web App Attack
๐ฉ๐ช
acadeova
2026-05-31 01:23:09
(1 month ago)
๐จ Recon detected (nft drop)
SRC=104.23.175.47
Observed=TCP dpt=80 in=enp0s6 ttl=55
Time=recent(journ ...
show more
๐จ Recon detected (nft drop)
SRC=104.23.175.47
Observed=TCP dpt=80 in=enp0s6 ttl=55
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
Anonymous
2026-05-27 08:22:03
(1 month ago)
[Wed May 27 10:22:01.861160 2026] [authz_core:error] [pid 17921] [client 104.23.175.47:12867] AH0163 ...
show more
[Wed May 27 10:22:01.861160 2026] [authz_core:error] [pid 17921] [client 104.23.175.47:12867] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Wed May 27 10:22:02.211406 2026] [authz_core:error] [pid 17921] [client 104.23.175.47:12867] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Wed May 27 10:22:02.559890 2026] [authz_core:error] [pid 17921] [client 104.23.175.47:12867] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
Anonymous
2026-05-11 21:07:16
(1 month ago)
[Mon May 11 23:07:15.252773 2026] [authz_core:error] [pid 8638] [client 104.23.175.47:10365] AH01630 ...
show more
[Mon May 11 23:07:15.252773 2026] [authz_core:error] [pid 8638] [client 104.23.175.47:10365] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Mon May 11 23:07:15.415581 2026] [authz_core:error] [pid 8638] [client 104.23.175.47:10365] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Mon May 11 23:07:15.600940 2026] [authz_core:error] [pid 8638] [client 104.23.175.47:10365] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-11 05:44:02
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.23.175.47 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.175.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 11 01:43:56.517139 2026] [security2:error] [pid 9171:tid 9171] [client 104.23.175.47:9537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "averye.com"] [uri "/.git/config"] [unique_id "agFsnDAt8dwiZgtuPcVlCwAAAAY"], referer: https://www.google.com/search?q=averye.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-11 05:28:25
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 104.23.175.47 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 104.23.175.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 11 01:28:15.731771 2026] [security2:error] [pid 24886:tid 24886] [client 104.23.175.47:11771] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kreweofhyatt.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kreweofhyatt.com"] [uri "/db_backup.sql"] [unique_id "agFo78YO8HAZYeAPm2O5xQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-11 05:03:03
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.23.175.47 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.175.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 11 01:02:49.152520 2026] [security2:error] [pid 8544:tid 8544] [client 104.23.175.47:12031] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "davidfortier.com"] [uri "/.env"] [unique_id "agFi-XGlUyNOQQy2bUWgUwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-08 13:38:10
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.175.47 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.175.47 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 08 09:36:08.112397 2026] [security2:error] [pid 31853:tid 31853] [client 104.23.175.47:12803] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.uraniumjewelry.com"] [uri "/.env.vercel"] [unique_id "af3myFu1K_TI7bXBXTkmDwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
Shaik Sai Meera
2026-04-30 00:02:44
(2 months ago)
IM360 WAF: Hidden file access
Brute-Force
๐ซ๐ฎ
Shaik Sai Meera
2026-04-28 00:02:49
(2 months ago)
IM360 WAF: Hidden file access
Brute-Force
Anonymous
2026-04-27 23:30:54
(2 months ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
๐ซ๐ฎ
Shaik Sai Meera
2026-04-26 00:02:34
(2 months ago)
IM360 WAF: Hidden file access
Brute-Force