๐บ๐ธ
mawan
2026-07-02 20:15:24
(16 hours ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐ฆ๐ฑ
router.al
2026-07-01 04:52:22
(2 days ago)
07/01/2026-04:52:21.727503 104.23.229.73 Protocol: 6 ET WEB_SPECIFIC_APPS WordPress Plugin Gravity S ...
show more
07/01/2026-04:52:21.727503 104.23.229.73 Protocol: 6 ET WEB_SPECIFIC_APPS WordPress Plugin Gravity SMTP Unauthenticated REST API (CVE-2026-4020)
show less
Hacking
Anonymous
2026-06-27 16:48:35
(5 days ago)
104.23.229.73 - - [27/Jun/2026:18:48:31 +0200] "GET / HTTP/1.1" 403 153 "-" "curl/8.7.1"
104.23.229. ...
show more
104.23.229.73 - - [27/Jun/2026:18:48:31 +0200] "GET / HTTP/1.1" 403 153 "-" "curl/8.7.1"
104.23.229.73 - - [27/Jun/2026:18:48:31 +0200] "GET /backend/.env HTTP/1.1" 403 153 "-" "curl/8.7.1"
104.23.229.73 - - [27/Jun/2026:18:48:31 +0200] "GET /%2eenv HTTP/1.1" 403 153 "-" "curl/8.7.1"
104.23.229.73 - - [27/Jun/2026:18:48:31 +0200] "GET /.env HTTP/1.1" 403 153 "-" "curl/8.7.1"
104.23.229.73 - - [27/Jun/2026:18:48:31 +0200] "GET /%2egit/%63onfig HTTP/1.1" 403 153 "-" "curl/8.7.1"
104.23.229.73 - - [27/Jun/2026:18:48:32 +0200] "GET /%2fbackend%2f%2eenv HTTP/1.1" 403 153 "-" "curl/8.7.1"
104.23.229.73 - - [27/Jun/2026:18:48:32 +0200] "GET /%2f%2eaws%2fcredentials HTTP/1.1" 403 153 "-" "curl/8.7.1"
104.23.229.73 - - [27/Jun/2026:18:48:32 +0200] "GET /error/ HTTP/1.1" 403 153 "-" "curl/8.7.1"
104.23.229.73 - - [27/Jun/2026:18:48:32 +0200] "GET /api/user HTTP/1.1" 403 153 "-" "curl/8.7.1"
104.23.229.73 - - [27/Jun/2026:18:48:32 +0200] "GET /var/task/next.config.mjs HTTP/1.1" 403 153 "-" "curl/
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 17:39:40
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 104.23.229.73 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.229.73 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 13:39:29.583541 2026] [security2:error] [pid 1551:tid 1611] [client 104.23.229.73:14162] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "promo.heworeblack.com"] [uri "/.git/config"] [unique_id "ajwWUVdnXDqFrw_rFZIrkgAAARg"], referer: https://www.google.com/search?q=promo.heworeblack.com
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
OptimusGO
2026-06-21 02:18:51
(1 week ago)
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Time ...
show more
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Timestamp: 2026-06-21 03:18:51 UTC
Log evidence:
104.23.229.73 - - [21/Jun/2026:03:18:48 +0100] "GET /angular/config%2ejs HTTP/1.1" 404 118 "-" "curl/8.7.1"
06/21/2026-03:18:48.711844 [**] [1:1000201:1] SCANNER: Bot-like User-Agent Detected [**] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 104.23.229.73:10613 -> 185.127.18.66:80
show less
Port Scan
Brute-Force
๐ณ๐ฑ
homeshowdomain.nl
2026-05-12 22:01:06
(1 month ago)
Auto-ban: >3000 req/min op 2026-05-12
Web App Attack
SSH
Hacking
๐ฉ๐ช
netclix.gr
2026-04-22 18:46:20
(2 months ago)
(PERMBLOCK) 104.23.229.73 (FR/France/-) has had more than 2 temp blocks in the last 604800 secs; Por ...
show more
(PERMBLOCK) 104.23.229.73 (FR/France/-) has had more than 2 temp blocks in the last 604800 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs:
show less
Port Scan
๐ฉ๐ช
netclix.gr
2026-04-19 19:21:29
(2 months ago)
(bot_kill_mega) Aggressive Bot Blocked: Go-http-client 104.23.229.73 (FR/France/-): 1 in the last 46 ...
show more
(bot_kill_mega) Aggressive Bot Blocked: Go-http-client 104.23.229.73 (FR/France/-): 1 in the last 4600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 104.23.229.73 - - [19/Apr/2026:22:17:58 +0300] "POST /login_up.php HTTP/2.0" 200 27732 "-" "Go-http-client/1.1" "2001:41d0:305:2100::30e"'/login_up.php' '' '/opt/psa/admin/htdocs'
show less
Port Scan
๐ฉ๐ช
netclix.gr
2026-04-17 09:41:28
(2 months ago)
(bot_kill_mega) Aggressive Bot Blocked: Go-http-client 104.23.229.73 (FR/France/-): 1 in the last 46 ...
show more
(bot_kill_mega) Aggressive Bot Blocked: Go-http-client 104.23.229.73 (FR/France/-): 1 in the last 4600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 104.23.229.73 - - [17/Apr/2026:12:38:09 +0300] "GET /login_up.php HTTP/2.0" 200 27686 "-" "Go-http-client/1.1" "2001:41d0:305:2100::30e"'/login_up.php' '' '/opt/psa/admin/htdocs'
show less
Port Scan
๐ฉ๐ช
netclix.gr
2026-04-11 07:29:44
(2 months ago)
(bot_kill_mega) Aggressive Bot Blocked: Go-http-client 104.23.229.73 (FR/France/-): 1 in the last 46 ...
show more
(bot_kill_mega) Aggressive Bot Blocked: Go-http-client 104.23.229.73 (FR/France/-): 1 in the last 4600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 104.23.229.73 - - [11/Apr/2026:09:18:58 +0300] "POST /login_up.php HTTP/2.0" 200 27733 "-" "Go-http-client/1.1" "2001:41d0:305:2100::30e"'/login_up.php' '' '/opt/psa/admin/htdocs'
show less
Port Scan
๐บ๐ธ
mnsf
2026-03-27 03:05:56
(3 months ago)
Scanning/Probing (11)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-03-25 04:05:24
(3 months ago)
Scanning/Probing (15)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-03-22 11:05:29
(3 months ago)
Scanning/Probing (13)
Brute-Force
Web App Attack
๐ฐ๐ท
MW
2026-03-20 16:36:40
(3 months ago)
104.23.229.73 - - [21/Mar/2026:01:36:37 +0900] "GET /.env.production.bak HTTP/1.1" 404 4277 "-" "-"
...
show more
104.23.229.73 - - [21/Mar/2026:01:36:37 +0900] "GET /.env.production.bak HTTP/1.1" 404 4277 "-" "-"
104.23.229.73 - - [21/Mar/2026:01:36:38 +0900] "GET /docker/.env HTTP/1.1" 404 459 "-" "-"
104.23.229.73 - - [21/Mar/2026:01:36:39 +0900] "GET /www/.env HTTP/1.1" 404 459 "-" "-"
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-03-20 03:06:07
(3 months ago)
Scanning/Probing (13)
Brute-Force
Web App Attack