๐ฌ๐ง
Axel
2026-07-02 09:43:26
(2 days ago)
Blocked by ModSecurity. Rule ID: 225170 Message: COMODO WAF: Sensitive Information Disclosure Vulner ...
show more
Blocked by ModSecurity. Rule ID: 225170 Message: COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||redcasiepac.com|F|2 Phase: 2 Severity: CRITICAL URI: /wp-json/wp/v2/users Server: UK-01
show less
Web App Attack
Hacking
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-02 05:30:54
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.4 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 01:30:49.437424 2026] [security2:error] [pid 4348:tid 4348] [client 104.23.223.4:9280] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thomaschemical.com"] [uri "/.git/config"] [unique_id "akX3iSbsTNAJ8JE_1AomiwAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-27 13:40:49
(1 week ago)
104.23.223.4 - - [27/Jun/2026:13:40:45 +0000] "GET /.git/config HTTP/2.0" 404 4051 "-" "Mozilla/5.0 ...
show more
104.23.223.4 - - [27/Jun/2026:13:40:45 +0000] "GET /.git/config HTTP/2.0" 404 4051 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "51.21.160.119"
104.23.223.4 - - [27/Jun/2026:13:40:45 +0000] "GET /.env HTTP/2.0" 404 4048 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "51.21.160.119"
104.23.223.4 - - [27/Jun/2026:13:40:47 +0000] "GET /.env.production HTTP/2.0" 404 4051 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "51.21.160.119"
104.23.223.4 - - [27/Jun/2026:13:40:48 +0000] "GET /.env.development HTTP/2.0" 404 4055 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "51.21.160.119"
104.23.223.4 - - [27/Jun/2026:13:40:48 +0000] "GET /.env.remote HTTP/2.0" 404 4053 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.
...
show less
Port Scan
Brute-Force
๐ณ๐ด
jad-abuse
2026-06-17 20:16:02
(2 weeks ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: git_expos ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: git_exposure. Observed by 1 sensor(s); 2 hits.
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 15:10:11
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.4 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 11:10:07.693493 2026] [security2:error] [pid 11206:tid 11206] [client 104.23.223.4:12714] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gene.plaisance.us"] [uri "/.git/config"] [unique_id "ajK4z_nyxM13ahIZQ2gpNAAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-16 01:05:30
(2 weeks ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 00:33:16
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.4 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 20:33:12.462482 2026] [security2:error] [pid 25289:tid 25289] [client 104.23.223.4:13384] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kimpitchellandassociatesinc.com"] [uri "/.git/config"] [unique_id "ajCZyMMkioIFVKZoEeqbmgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-06-15 00:14:55
(2 weeks ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-14 11:36:44
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.4 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 07:36:41.025971 2026] [security2:error] [pid 26318:tid 26318] [client 104.23.223.4:13744] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "nelsonroman.com"] [uri "/.git/config"] [unique_id "ai6SSXP4GJGBQUZj0EloPwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
srtzero
2026-06-10 00:43:49
(3 weeks ago)
104.23.223.4 - - [10/Jun/2026:02:43:49 +0200] "GET /wp-admin/install.php?step=1 HTTP/2.0" 404 162 "- ...
show more
104.23.223.4 - - [10/Jun/2026:02:43:49 +0200] "GET /wp-admin/install.php?step=1 HTTP/2.0" 404 162 "-" "http://convergencegaming.net/wp-admin/install.php?step=1"
...
show less
Port Scan
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 22:49:41
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.4 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 18:49:34.955025 2026] [security2:error] [pid 19897:tid 19897] [client 104.23.223.4:13972] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sierrafoothillsrealty.georgetownca.com"] [uri "/.git/config"] [unique_id "aidG_g5qUah5ro7YJdcG9QAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
acadeova
2026-06-06 03:21:09
(4 weeks ago)
๐จ Recon detected (nft drop)
SRC=104.23.223.4
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journa ...
show more
๐จ Recon detected (nft drop)
SRC=104.23.223.4
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
๐ฌ๐ง
Axel
2026-05-28 11:46:02
(1 month ago)
Blocked by ModSecurity. Rule ID: 225170 Message: COMODO WAF: Sensitive Information Disclosure Vulner ...
show more
Blocked by ModSecurity. Rule ID: 225170 Message: COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||redcasiepac.com|F|2 Phase: 2 Severity: CRITICAL URI: /wp-json/wp/v2/users Server: UK-01
show less
Web App Attack
Hacking
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-05-26 18:10:16
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 104.23.223.4 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 104.23.223.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 14:10:08.272538 2026] [security2:error] [pid 25835:tid 25835] [client 104.23.223.4:12958] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||thedoodlists.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "thedoodlists.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "ahXiANRIhxHZz3qYAQnzdgAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-23 16:12:29
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.4 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 23 12:12:21.948421 2026] [security2:error] [pid 31243:tid 31243] [client 104.23.223.4:12929] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "silverdump.com"] [uri "/.git/config"] [unique_id "ahHR5cqA44Oi6k5dO2DoSwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack