๐ท๐บ
DZBOT
2026-07-09 14:33:51
(3 hours ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ฉ๐ช
on-com
2026-07-09 06:41:54
(11 hours ago)
URL scan
Brute-Force
Web App Attack
๐ฉ๐ช
srtzero
2026-07-08 01:20:45
(1 day ago)
104.23.217.30 - - [08/Jul/2026:03:20:45 +0200] "GET /wp-admin/install.php?step=1 HTTP/2.0" 404 162 " ...
show more
104.23.217.30 - - [08/Jul/2026:03:20:45 +0200] "GET /wp-admin/install.php?step=1 HTTP/2.0" 404 162 "-" "http://convergencegaming.net/wp-admin/install.php?step=1"
...
show less
Port Scan
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 03:25:22
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 104.23.217.30 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.217.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 23:25:14.979284 2026] [security2:error] [pid 2074:tid 2074] [client 104.23.217.30:13123] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "baker15.com"] [uri "/.git/config"] [unique_id "akCUGqizPtOixgALTm7gzQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-25 11:14:37
(2 weeks ago)
Aggressive web scan
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 08:10:24
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.217.30 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.217.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 04:10:13.647962 2026] [security2:error] [pid 10654:tid 10654] [client 104.23.217.30:11287] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blackstarmgmt.net"] [uri "/.env.production"] [unique_id "ajT5ZeF-A-qIXHubbSkbBgAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-06-16 06:53:04
(3 weeks ago)
[Tue Jun 16 16:53:03.690974 2026] [security2:error] [pid 221289] [client 104.23.217.30:10863] [clien ...
show more
[Tue Jun 16 16:53:03.690974 2026] [security2:error] [pid 221289] [client 104.23.217.30:10863] [client 104.23.217.30] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.com.au"] [uri "/.git/config"] [unique_id "ajDyz6NofjszHBAvauysOgAAAAo"]
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 03:48:45
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.217.30 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.217.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 23:48:40.753911 2026] [security2:error] [pid 5606:tid 5606] [client 104.23.217.30:11824] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hakkawok.com"] [uri "/.git/config"] [unique_id "ajDHmHnKIDgAGaa5-SMmygAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-06-13 14:22:12
(3 weeks ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ฉ๐ช
strxmpp
2026-06-09 18:49:26
(4 weeks ago)
104.23.217.30 - - [09/Jun/2026:20:49:25 +0200] "GET /wp-admin/install.php?step=1 HTTP/1.1" 301 681 " ...
show more
104.23.217.30 - - [09/Jun/2026:20:49:25 +0200] "GET /wp-admin/install.php?step=1 HTTP/1.1" 301 681 "-" "http://jabberzueri.ch/wp-admin/install.php?step=1"
...
show less
Bad Web Bot
๐ฉ๐ช
strxmpp
2026-05-28 19:31:38
(1 month ago)
104.23.217.30 - - [28/May/2026:21:31:36 +0200] "GET /wp-admin/install.php?step=1 HTTP/1.1" 404 533 " ...
show more
104.23.217.30 - - [28/May/2026:21:31:36 +0200] "GET /wp-admin/install.php?step=1 HTTP/1.1" 404 533 "-" "http://jabberzueri.ch/wp-admin/install.php?step=1"
...
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-05-22 09:00:27
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.23.217.30 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.217.30 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 05:00:22.774441 2026] [security2:error] [pid 31730:tid 31730] [client 104.23.217.30:12453] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.willyouanswerthecall.com"] [uri "/.git/config"] [unique_id "ahAbJjfKfLbtRS4G4yel3wAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-05-20 11:03:48
(1 month ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ง๐พ
lns.bz
2026-04-23 20:34:06
(2 months ago)
Too many 404 requests [BY]
Web App Attack
๐ง๐พ
lns.bz
2026-04-21 07:11:46
(2 months ago)
Too many 404 requests [BY]
Web App Attack