๐ซ๐ท
masterguru
2026-05-06 03:23:44
(1 month ago)
*Port Scan* detected from 104.207.35.105 (US/United States/-). 11 hits in the last 116 seconds (0-19 ...
show more
*Port Scan* detected from 104.207.35.105 (US/United States/-). 11 hits in the last 116 seconds (0-196)
show less
Port Scan
๐ฑ๐ป
garmtech.com
2026-05-01 22:02:05
(2 months ago)
Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.
Web App Attack
๐ฆ๐บ
RedBear IT
2026-03-26 10:00:37
(3 months ago)
"DDoS against public endpoint"
DDoS Attack
๐ฆ๐บ
rubixstudios
2026-03-04 13:42:21
(4 months ago)
(mod_security) mod_security (id:1004100) triggered by 104.207.35.105 (US/United States/-): 5 in the ...
show more
(mod_security) mod_security (id:1004100) triggered by 104.207.35.105 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-31 01:02:10
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.35.105 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.35.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 30 20:02:02.907245 2025] [security2:error] [pid 23687:tid 23687] [client 104.207.35.105:39623] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.moorehistory.com"] [uri "/.env"] [unique_id "aVR2CnHYGkHYFurRrWBoAgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ManagedStack
2025-12-30 07:15:02
(6 months ago)
Probing access to unauthorized locations
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 08:47:52
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.35.105 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.35.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 03:47:47.652303 2025] [security2:error] [pid 22520:tid 22520] [client 104.207.35.105:27249] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "suralcopensioendesk.com"] [uri "/.env"] [unique_id "aVJAMzepbLH_TqBOF2oWKwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 05:10:26
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.35.105 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.35.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:10:19.078812 2025] [security2:error] [pid 26683:tid 26683] [client 104.207.35.105:39049] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blackcanyonguides.com"] [uri "/.env"] [unique_id "aVINO0lB4xeGHi_zAgpQlAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-12-29 04:54:43
(6 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.35.105 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.35.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:54:39.429428 2025] [security2:error] [pid 22462:tid 22462] [client 104.207.35.105:54891] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lazymanvegan.com"] [uri "/.env"] [unique_id "aVIJj92vkyWKn0x4zkQ4IgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-12-22 13:40:25
(6 months ago)
This IP was involved in a brute force and password spray attack.
Brute-Force
Web App Attack
Anonymous
2025-11-28 07:17:28
(7 months ago)
Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.28 is noted in report ti ...
show more
Attempted brute force login to web vpn 12 time(s); last attempt for 2025.11.28 is noted in report timestamp
show less
Hacking
Brute-Force
๐บ๐ธ
TPI-Abuse
2025-11-25 04:03:04
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.35.105 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.35.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:02:51.688188 2025] [security2:error] [pid 7581:tid 7581] [client 104.207.35.105:38777] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.wendeeholtcamp.com"] [uri "/.svn/wc.db"] [unique_id "aSUqa388ih8pFvvTR9GptwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 03:37:59
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.35.105 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.35.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:37:55.884140 2025] [security2:error] [pid 30298:tid 30298] [client 104.207.35.105:58775] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.happybookermusic.com"] [uri "/.env"] [unique_id "aSUkk0x9zEWwkmE_he8S3wAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 02:54:10
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.35.105 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.35.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:54:06.771731 2025] [security2:error] [pid 3432:tid 3432] [client 104.207.35.105:9967] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.parkplacemotel.com"] [uri "/.svn/wc.db"] [unique_id "aSUaThH9FFt6GGwWpmoV8AAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-25 02:26:43
(7 months ago)
(mod_security) mod_security (id:210492) triggered by 104.207.35.105 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.207.35.105 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:26:40.092820 2025] [security2:error] [pid 29767:tid 29784] [client 104.207.35.105:39211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.gochemless.com"] [uri "/.env"] [unique_id "aSUT4O2PFPX_dStrHN9ZpwAAAQI"]
show less
Brute-Force
Bad Web Bot
Web App Attack