๐บ๐ธ
TPI-Abuse
2026-07-02 15:50:52
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 11:50:47.493798 2026] [security2:error] [pid 18774:tid 18774] [client 104.23.223.18:9712] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lusineweb.com"] [uri "/.git/config"] [unique_id "akaI1zZ1vda_9GOVC5519gAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 13:31:03
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 09:30:57.026317 2026] [security2:error] [pid 29320:tid 29320] [client 104.23.223.18:13774] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gfsprod.com"] [uri "/.git/config"] [unique_id "akZoEQNY8NJWBmfOmM6EvwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 14:03:41
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 10:03:33.738570 2026] [security2:error] [pid 17530:tid 17530] [client 104.23.223.18:9762] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "limobusrichmond.com"] [uri "/.env.old"] [unique_id "ajVMNbeZsTjBxnRqM9wYEgAAAAU"], referer: https://www.google.com/search?q=limobusrichmond.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 23:42:48
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 19:42:42.355433 2026] [security2:error] [pid 27261:tid 27261] [client 104.23.223.18:9914] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jamestaylorart.com"] [uri "/.git/config"] [unique_id "ajCN8jGBzJd9VBihAdFV3gAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 19:59:32
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 15:59:26.990100 2026] [security2:error] [pid 20619:tid 20619] [client 104.23.223.18:14051] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "japanesejapan.info.smogsandiego.com"] [uri "/.git/config"] [unique_id "ai8IHk4G1_AQnhnjbggTRwAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-06-13 09:33:15
(3 weeks ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ณ๐ด
jad-abuse
2026-06-09 16:34:55
(3 weeks ago)
ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: wp_admin. Ob ...
show more
ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: wp_admin. Observed by 1 sensor(s); 1 hits.
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 22:32:15
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 18:32:09.753691 2026] [security2:error] [pid 17008:tid 17008] [client 104.23.223.18:11090] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "notify.ev.alitcogroup.com"] [uri "/.git/config"] [unique_id "aidC6R7wOWyv7oK-ol2yiwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 22:00:15
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 18:00:10.079001 2026] [security2:error] [pid 28399:tid 28399] [client 104.23.223.18:11508] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.pallettrucksni.com"] [uri "/.git/config"] [unique_id "aic7aneglZ59LduZYygOXQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 18:26:28
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 14:26:24.271615 2026] [security2:error] [pid 8947:tid 8947] [client 104.23.223.18:10815] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thommesen.austli.com"] [uri "/.git/config"] [unique_id "aicJUI0niE_Rju8v6ccpawAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 16:56:34
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 12:56:27.004168 2026] [security2:error] [pid 32238:tid 32238] [client 104.23.223.18:11234] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.computer-advisors.com"] [uri "/.git/config"] [unique_id "aib0O0TQ0Y0oIoWkZOaiHAAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-23 15:37:57
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.18 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 11:37:53.564825 2026] [security2:error] [pid 14975:tid 14975] [client 104.23.223.18:9909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thepinelandclub.com.velvetculture.com"] [uri "/.git/config"] [unique_id "ahHJ0X3-pZyQrBI4k9tVMgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-05-23 05:18:02
(1 month ago)
Bad Web Bot
๐ท๐บ
DZBOT
2026-05-20 06:27:52
(1 month ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
Anonymous
2026-05-12 19:35:53
(1 month ago)
(caddyscan) Scanner path probe from 104.23.223.18 (SE/Sweden/-): 5 in the last 3600 secs; Ports: *; ...
show more
(caddyscan) Scanner path probe from 104.23.223.18 (SE/Sweden/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 104.23.223.18 - - [12/May/2026:19:31:46 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 104.23.223.18 - - [12/May/2026:19:33:06 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 104.23.223.18 - - [12/May/2026:19:34:09 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 104.23.223.18 - - [12/May/2026:19:34:14 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 104.23.223.18 - - [12/May/2026:19:35:44 +0000] "GET /.git/config HTTP/1.1"
show less
Port Scan