๐บ๐ธ
TPI-Abuse
2026-06-25 02:19:55
(1 week ago)
(mod_security) mod_security (id:210492) triggered by 104.22.56.67 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 104.22.56.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 22:19:45.472809 2026] [security2:error] [pid 26912:tid 26912] [client 104.22.56.67:12038] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ticmacabotours.com.disenowebprofesional.com"] [uri "/.env.local"] [unique_id "ajyQQf7SZSNSGoGyYOC0jgAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 04:59:59
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.22.56.67 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 104.22.56.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 00:59:47.809428 2026] [security2:error] [pid 12839:tid 12839] [client 104.22.56.67:11482] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.assheton.com"] [uri "/.env.local"] [unique_id "ajIpw-92IcjzZhNDojSyDgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 02:53:42
(2 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.22.56.67 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 104.22.56.67 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 22:53:38.751575 2026] [security2:error] [pid 25044:tid 25044] [client 104.22.56.67:9662] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.otcraftworks.com"] [uri "/.env.dist"] [unique_id "ajIMMteSB7eN2TRQp9GDNwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
trentwiles.com
2026-05-23 14:41:16
(1 month ago)
Unauthorized connection attempt detected from IP address 104.22.56.67 to port 80 [SYD]
Port Scan
๐ซ๐ท
tavis.page
2026-05-18 08:15:22
(1 month ago)
Blocked by UFW on server [443/tcp]
Source port: 10966
TTL: 54
Packet length: 60
TOS: 0x00
This repo ...
show more
Blocked by UFW on server [443/tcp]
Source port: 10966
TTL: 54
Packet length: 60
TOS: 0x00
This report was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐ซ๐ท
Yepngo
2026-05-13 15:40:43
(1 month ago)
2026-05-13T17:40:36.009289+02:00 ns3006402 kernel: [UFW BLOCK] IN=eno1 OUT= MAC=f0:79:59:6e:bf:2b:00 ...
show more
2026-05-13T17:40:36.009289+02:00 ns3006402 kernel: [UFW BLOCK] IN=eno1 OUT= MAC=f0:79:59:6e:bf:2b:00:ff:ff:ff:ff:fb:08:00 SRC=104.22.56.67 DST=151.80.47.9 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=60212 DF PROTO=TCP SPT=9954 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0
2026-05-13T17:40:37.030378+02:00 ns3006402 kernel: [UFW BLOCK] IN=eno1 OUT= MAC=f0:79:59:6e:bf:2b:00:ff:ff:ff:ff:fb:08:00 SRC=104.22.56.67 DST=151.80.47.9 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=60213 DF PROTO=TCP SPT=9954 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0
2026-05-13T17:40:38.053375+02:00 ns3006402 kernel: [UFW BLOCK] IN=eno1 OUT= MAC=f0:79:59:6e:bf:2b:00:ff:ff:ff:ff:fb:08:00 SRC=104.22.56.67 DST=151.80.47.9 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=60214 DF PROTO=TCP SPT=9954 DPT=8443 WINDOW=65535 RES=0x00 SYN URGP=0
2026-05-13T17:40:39.077518+02:00 ns3006402 kernel: [UFW BLOCK] IN=eno1 OUT= MAC=f0:79:59:6e:bf:2b:00:ff:ff:ff:ff:fb:08:00 SRC=104.22.56.67 DST=151.80.47.9 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=60215 DF PROTO=TCP SPT=
...
show less
Port Scan
๐ฏ๐ต
S.O.B.A. Dev.
2026-05-02 12:27:35
(2 months ago)
Persistent port scanning or vulnerability scanning
Port Scan
๐บ๐ธ
mawan
2026-04-09 07:56:07
(2 months ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
myagent.site
2026-04-05 06:33:15
(2 months ago)
Blocking for trying to access an exploit file: /config/.env.local
Hacking
๐ฉ๐ช
Prodscape
2026-03-31 19:38:51
(3 months ago)
*Port Scan* detected from 104.22.56.67 (US/United States/-). 10 hits in the last 170 seconds; Ports: ...
show more
*Port Scan* detected from 104.22.56.67 (US/United States/-). 10 hits in the last 170 seconds; Ports: *; Direction: in; Trigger: PS_LIMIT
show less
Port Scan
๐บ๐ธ
mnsf
2026-03-24 16:06:28
(3 months ago)
Scanning/Probing (15)
Brute-Force
Web App Attack