๐ง๐พ
lns.bz
2026-07-05 08:33:13
(1 day ago)
Too many 404 requests [BY]
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 17:53:48
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.9 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 13:53:42.342720 2026] [security2:error] [pid 13600:tid 13662] [client 104.23.223.9:11090] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "faimreps.com"] [uri "/.git/config"] [unique_id "akAOJlHBWZxsTrRE1Y68UwAAAYY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 02:49:41
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.9 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 22:49:35.789751 2026] [security2:error] [pid 26414:tid 26423] [client 104.23.223.9:14244] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "touba.newtrendmag.org"] [uri "/.git/config"] [unique_id "ajX_vwkmzL8PWvjtDfuOxQAAAEc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 07:57:42
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.9 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 03:57:36.134475 2026] [security2:error] [pid 13145:tid 13145] [client 104.23.223.9:10405] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "billhoy.com"] [uri "/.env"] [unique_id "ajT2cMfUBCb0JIPZwagl5AAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
4server
2026-06-18 19:49:47
(2 weeks ago)
[ThuJun1821:49:43.4755872026][security2:error][pid3637822:tid3638432][client104.23.223.9:0]ModSecuri ...
show more
[ThuJun1821:49:43.4755872026][security2:error][pid3637822:tid3638432][client104.23.223.9:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"365\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"ruberticonsulting.ch.81-17-25-250.cpanel.site\"][uri\"/.git/config\"][unique_id\"ajRL12NrPk5YefjRkeiAsQAAAQ8\"]
show less
Hacking
Web App Attack
๐ท๐บ
DZBOT
2026-06-14 13:33:21
(3 weeks ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ณ๐ด
jad-abuse
2026-06-12 00:10:29
(3 weeks ago)
ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: wp_admin. Ob ...
show more
ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: wp_admin. Observed by 1 sensor(s); 2 hits.
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 03:12:48
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.9 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 23:12:41.500999 2026] [security2:error] [pid 16236:tid 16236] [client 104.23.223.9:11128] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "emilycolvin.michaelward.com"] [uri "/.git/config"] [unique_id "aieEqQbRjIDcIsliXmf7pAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-26 14:22:52
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 104.23.223.9 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.223.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 10:22:44.585518 2026] [security2:error] [pid 9681:tid 9681] [client 104.23.223.9:9614] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "giganticmediallc.com"] [uri "/.env"] [unique_id "ahWstNxNj0pWN-3b2h-jjwAAAAU"], referer: https://www.google.com/search?q=giganticmediallc.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
homeshowdomain.nl
2026-05-24 22:00:59
(1 month ago)
Auto-ban: >3000 req/min op 2026-05-24
Web App Attack
SSH
Hacking
๐บ๐ธ
TPI-Abuse
2026-05-21 19:40:19
(1 month ago)
(mod_security) mod_security (id:949110) triggered by 104.23.223.9 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:949110) triggered by 104.23.223.9 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 15:40:12.365206 2026] [security2:error] [pid 15590:tid 15590] [client 104.23.223.9:9852] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.tnc.cescfoundation.org"] [uri "/backup.sql"] [unique_id "ag9fnNpUF_dwARyPetDyiAAAAEQ"], referer: https://www.google.com/search?q=www.tnc.cescfoundation.org
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
DZBOT
2026-05-21 01:43:58
(1 month ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ฆ๐ฑ
router.al
2026-05-19 19:31:22
(1 month ago)
05/19/2026-19:31:22.199454 104.23.223.9 Protocol: 6 GPL WEB_SERVER 403 Forbidden
Port Scan
๐ฉ๐ช
acadeova
2026-05-08 07:48:55
(1 month ago)
๐จ Recon detected (nft drop)
SRC=104.23.223.9
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journa ...
show more
๐จ Recon detected (nft drop)
SRC=104.23.223.9
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
๐ง๐พ
lns.bz
2026-04-17 11:14:09
(2 months ago)
Too many 404 requests [BY]
Web App Attack