๐ฉ๐ช
Blexyel
2026-07-18 22:23:57
(11 hours ago)
104.23.213.84 - - [19/Jul/2026:00:23:57 +0200] "GET /wp-content/wp-login.php HTTP/1.1" 404 13 "-" "- ...
show more
104.23.213.84 - - [19/Jul/2026:00:23:57 +0200] "GET /wp-content/wp-login.php HTTP/1.1" 404 13 "-" "-"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
oncord
2026-06-08 08:00:47
(1 month ago)
Form spam
Web Spam
Anonymous
2026-05-31 13:43:28
(1 month ago)
104.23.213.84 - - [31/May/2026:15:42:28 +0200] "GET /?items/S303176244/ HTTP/1.1" 410 545 "-" "Mozil ...
show more
104.23.213.84 - - [31/May/2026:15:42:28 +0200] "GET /?items/S303176244/ HTTP/1.1" 410 545 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.7778.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
104.23.213.84 - - [31/May/2026:15:42:29 +0200] "GET /?items/E301137284/ HTTP/1.1" 410 545 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.7778.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
104.23.213.84 - - [31/May/2026:15:42:30 +0200] "GET /?items/X165160012/ HTTP/1.1" 410 545 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.7778.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)"
104.23.213.84 - - [31/May/2026:15:42:30 +0200] "GET /?items/A263971345/ HTTP/1.1" 410 545 "-" "Mozilla/5.0 (Linu
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-25 17:27:21
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 104.23.213.84 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 104.23.213.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 13:27:16.134899 2026] [security2:error] [pid 15884:tid 15884] [client 104.23.213.84:13859] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.usbea.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.usbea.com"] [uri "/backup.sql"] [unique_id "ahSGdLGaeS_7nlibfxh38wAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-15 08:39:26
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 104.23.213.84 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 104.23.213.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 04:38:17.399175 2026] [security2:error] [pid 4914:tid 4914] [client 104.23.213.84:12416] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||newlifeworshipcentre-gc.org|F|2"] [data ".key"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "newlifeworshipcentre-gc.org"] [uri "/config/master.key"] [unique_id "agbbeR2zoh9ZlnNOLmbQgwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-15 06:39:56
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.213.84 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.213.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 02:36:47.653232 2026] [security2:error] [pid 3199:tid 3199] [client 104.23.213.84:10218] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "koshland.us"] [uri "/.env.development"] [unique_id "aga-_7l4gQJYuwChResJXQAAACo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-05-14 22:06:04
(2 months ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-13.
show less
Web App Attack
SSH
Hacking
Anonymous
2026-05-11 12:19:36
(2 months ago)
Aggressive web scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-09 20:44:24
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.213.84 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.213.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 09 16:44:19.398867 2026] [security2:error] [pid 30656:tid 30656] [client 104.23.213.84:9356] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rockymtnfire.com"] [uri "/.git/config"] [unique_id "af-co23f0dI-tdhTvyQ4ZwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-04-19 03:49:37
(3 months ago)
Aggressive web scan
Web App Attack
Anonymous
2026-04-17 06:19:38
(3 months ago)
Aggressive web scan
Web App Attack
๐บ๐ธ
mnsf
2026-04-06 21:05:50
(3 months ago)
Scanning/Probing (14)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-04-05 10:06:30
(3 months ago)
Scanning/Probing (19)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-03-30 04:05:48
(3 months ago)
Scanning/Probing (12)
Brute-Force
Web App Attack
Anonymous
2026-03-29 13:40:07
(3 months ago)
[Sun Mar 29 15:40:05.684870 2026] [authz_core:error] [pid 6244] [client 104.23.213.84:13380] AH01630 ...
show more
[Sun Mar 29 15:40:05.684870 2026] [authz_core:error] [pid 6244] [client 104.23.213.84:13380] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sun Mar 29 15:40:05.788717 2026] [authz_core:error] [pid 6244] [client 104.23.213.84:13380] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sun Mar 29 15:40:05.893209 2026] [authz_core:error] [pid 6244] [client 104.23.213.84:13380] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack