๐ฉ๐ช
Blexyel
2026-07-18 17:45:32
(22 hours ago)
104.23.213.106 - - [18/Jul/2026:19:45:32 +0200] "GET /wp-login.php HTTP/1.1" 404 153 "-" "-" "v.ping ...
show more
104.23.213.106 - - [18/Jul/2026:19:45:32 +0200] "GET /wp-login.php HTTP/1.1" 404 153 "-" "-" "v.pingusmc.org"
...
show less
Brute-Force
Web App Attack
๐ฎ๐น
Fusty
2026-05-29 23:22:03
(1 month ago)
Unauthorized attempt on (TCP on port 2087).
Source port: 9393
TTL: 54
Packet length: 60
Timestamp: 2 ...
show more
Unauthorized attempt on (TCP on port 2087).
Source port: 9393
TTL: 54
Packet length: 60
Timestamp: 2026-05-30 01:22:03
show less
Port Scan
๐บ๐ธ
mnsf
2026-04-06 00:05:05
(3 months ago)
Scanning/Probing (15)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-04-04 23:05:07
(3 months ago)
Scanning/Probing (12)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-04-03 22:05:20
(3 months ago)
Scanning/Probing (12)
Brute-Force
Web App Attack
๐บ๐ธ
mnsf
2026-03-31 21:05:10
(3 months ago)
Scanning/Probing (12)
Brute-Force
Web App Attack
Anonymous
2026-03-31 12:17:53
(3 months ago)
Fuzzing/Looking for credentials files.
Brute-Force
Web App Attack
๐ฉ๐ช
acadeova
2026-03-31 01:44:39
(3 months ago)
๐จ Recon detected (nft drop)
SRC=104.23.213.106
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(jour ...
show more
๐จ Recon detected (nft drop)
SRC=104.23.213.106
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
๐บ๐ธ
mnsf
2026-03-30 18:05:31
(3 months ago)
Scanning/Probing (13)
Brute-Force
Web App Attack
Anonymous
2026-03-30 15:29:38
(3 months ago)
Aggressive web scan
Web App Attack
๐บ๐ธ
Gabriel Camargo
2026-03-29 23:16:49
(3 months ago)
104.23.213.106 - - [29/Mar/2026:18:15:50 -0500] "GET /.env.production HTTP/1.1" 301 178 "-" "-"
104. ...
show more
104.23.213.106 - - [29/Mar/2026:18:15:50 -0500] "GET /.env.production HTTP/1.1" 301 178 "-" "-"
104.23.213.106 - - [29/Mar/2026:18:15:50 -0500] "GET /.env.backup HTTP/1.1" 301 178 "-" "-"
104.23.213.106 - - [29/Mar/2026:18:16:48 -0500] "GET /config/env HTTP/1.1" 301 178 "-" "-"
...
show less
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-03-29 18:01:39
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.213.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.213.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 14:01:38.100414 2026] [security2:error] [pid 20968:tid 20968] [client 104.23.213.106:12377] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cs.cswiki.us"] [uri "/config/.env.local"] [unique_id "aclpAi0NzGu6b2MVO8lgqAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-29 17:18:12
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.213.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.213.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 29 13:18:04.192189 2026] [security2:error] [pid 32718:tid 32718] [client 104.23.213.106:12483] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.hisimengineering.com"] [uri "/.env.test"] [unique_id "aclezApHNDSoeQsaLt1VTgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-03-28 18:31:28
(3 months ago)
[Sat Mar 28 19:31:26.877207 2026] [authz_core:error] [pid 14323] [client 104.23.213.106:13233] AH016 ...
show more
[Sat Mar 28 19:31:26.877207 2026] [authz_core:error] [pid 14323] [client 104.23.213.106:13233] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sat Mar 28 19:31:27.014033 2026] [authz_core:error] [pid 14323] [client 104.23.213.106:13233] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sat Mar 28 19:31:27.182488 2026] [authz_core:error] [pid 14323] [client 104.23.213.106:13233] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-27 17:53:30
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.213.106 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.213.106 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 27 13:53:24.397257 2026] [security2:error] [pid 1941:tid 1941] [client 104.23.213.106:10933] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "act-research.com"] [uri "/.env.local"] [unique_id "acbEFH1fIw4VBZR5jd30JAAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack