๐บ๐ธ
mawan
2026-07-05 02:34:14
(1 week ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 07:46:01
(3 weeks ago)
(mod_security) mod_security (id:210492) triggered by 104.23.213.100 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.213.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 03:45:53.643688 2026] [security2:error] [pid 23718:tid 23718] [client 104.23.213.100:26248] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.handcraftedparquet.chevronparkett.com"] [uri "/.env.local"] [unique_id "ajeWsY1W8ugtknzX2NjYeQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
acadeova
2026-05-21 08:27:12
(1 month ago)
๐จ Recon detected (nft drop)
SRC=104.23.213.100
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(jour ...
show more
๐จ Recon detected (nft drop)
SRC=104.23.213.100
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
๐ณ๐ฑ
homeshowdomain.nl
2026-05-14 22:06:01
(1 month ago)
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ...
show more
Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-13.
show less
Web App Attack
SSH
Hacking
๐บ๐ธ
WellSpring
2026-05-10 07:06:56
(2 months ago)
wordpress scan on tableoftheround.org/wp-admin/install.php โ WellSpr.ing/NetSentinel civic-AI securi ...
show more
wordpress scan on tableoftheround.org/wp-admin/install.php โ WellSpr.ing/NetSentinel civic-AI security layer
show less
Bad Web Bot
Web App Attack
Anonymous
2026-05-04 22:09:57
(2 months ago)
Web App Attack
Brute-Force
Web App Attack
๐ง๐พ
lns.bz
2026-04-20 09:49:30
(2 months ago)
Too many 404 requests [BY]
Web App Attack
๐บ๐ธ
mnsf
2026-04-08 01:05:14
(3 months ago)
Scanning/Probing (11)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-04-05 20:05:15
(3 months ago)
Scanning/Probing (11)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-04-04 19:05:21
(3 months ago)
Scanning/Probing (17)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-04-01 02:05:34
(3 months ago)
Scanning/Probing (15)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-29 20:12:35
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.213.100 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.213.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 16:12:28.385436 2026] [security2:error] [pid 12074:tid 12074] [client 104.23.213.100:11294] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.hdestimating.com"] [uri "/.env~"] [unique_id "acmHrHfc1DXKp-ioFOqBMgAAAC8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-29 18:14:21
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.213.100 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.213.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 14:14:14.278331 2026] [security2:error] [pid 9621:tid 9621] [client 104.23.213.100:10632] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.tech-servusa.com"] [uri "/.env.dev"] [unique_id "aclr9ilN08PQw_yi1Flh_AAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-29 17:41:31
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.213.100 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.213.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 13:41:28.282216 2026] [security2:error] [pid 27486:tid 27486] [client 104.23.213.100:13616] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.thelastnoel.com"] [uri "/.env_backup"] [unique_id "aclkSOcGPF1tJdfDmQj3pAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-29 17:11:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.213.100 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.213.100 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 13:11:31.258398 2026] [security2:error] [pid 10568:tid 10568] [client 104.23.213.100:10652] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.frenosilent.net.ar"] [uri "/var/www/.env"] [unique_id "acldQ7JUDDx8bNoz-0Gi6QAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack