π¬π§
sandra361
2026-05-26 17:53:01
(1 month ago)
Port scan detected: 6 attempts across 1 ports (2087). | Evidence: REAPER_TARPIT:IN=enp1s0f0 OUT= SRC ...
show more
Port scan detected: 6 attempts across 1 ports (2087). | Evidence: REAPER_TARPIT:IN=enp1s0f0 OUT= SRC=104.23.253.145 LEN=60 TOS=0x00 PREC=0x00 TTL=56 ID=18584 DF PROTO=TCP SPT=13736 DPT=2087 WINDOW=65535 RES=0x00 SYN URGP=0
show less
Port Scan
πΊπΈ
Furry Network Services
2026-04-07 05:53:21
(3 months ago)
Blocked by UFW [8443/tcp] | SPT: 12160 | TTL: 55 | LEN: 60 | TOS: 0x00 β’ Reported by: github.com/sef ...
show more
Blocked by UFW [8443/tcp] | SPT: 12160 | TTL: 55 | LEN: 60 | TOS: 0x00 β’ Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
πΊπΈ
TPI-Abuse
2026-04-03 03:31:07
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 02 23:31:00.636134 2026] [security2:error] [pid 9684:tid 9684] [client 104.23.253.145:11902] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.whaletailbikini.com"] [uri "/.env_backup"] [unique_id "ac80dFs9Nhar_MX1Q9BVzAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mnsf
2026-03-24 23:07:25
(3 months ago)
Scanning/Probing (15)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-21 01:27:29
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 21:27:25.279254 2026] [security2:error] [pid 31412:tid 31481] [client 104.23.253.145:10591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.thatspecial.com"] [uri "/.env2"] [unique_id "ab3z_dAkDKWjE2FXPS9O3gAAAQo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
mnsf
2026-03-21 00:20:52
(3 months ago)
Scanning/Probing (16)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-20 09:30:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 05:30:28.703837 2026] [security2:error] [pid 22884:tid 22884] [client 104.23.253.145:9485] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "title48.com"] [uri "/.git/refs/heads/master"] [unique_id "ab0TtIi-gzL5ImR34sb9nQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-20 04:28:12
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 00:28:07.002601 2026] [security2:error] [pid 27063:tid 27063] [client 104.23.253.145:13874] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kmichaelbabcock.com.vanemby.com"] [uri "/root/.env"] [unique_id "abzM1yWfzsVpggJt1MMj9QAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-20 03:34:50
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 23:34:47.310558 2026] [security2:error] [pid 19347:tid 19347] [client 104.23.253.145:12335] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.bandpd.com"] [uri "/root/.env"] [unique_id "abzAV_YAioeWsSaeH4DDTAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-20 03:17:18
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 23:17:13.741459 2026] [security2:error] [pid 24252:tid 24252] [client 104.23.253.145:14140] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kyws-lp.webserviceswest.com"] [uri "/.env_settings"] [unique_id "aby8OaWET71oGLyYqHu8gAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-20 01:17:30
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 21:17:23.520628 2026] [security2:error] [pid 25992:tid 25992] [client 104.23.253.145:11116] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.fulltime-life.com"] [uri "/server/.env"] [unique_id "abygI_4JAYC93ByW90AcgQAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-19 11:19:47
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 07:19:42.248817 2026] [security2:error] [pid 5753:tid 5770] [client 104.23.253.145:13818] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.wpe.uk.com"] [uri "/www/.env"] [unique_id "abvbzl7alC5V06deuhQm_gAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-19 10:11:43
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 06:11:39.771585 2026] [security2:error] [pid 1817:tid 1833] [client 104.23.253.145:11386] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "plasticsurgeonsandiego.com.aafm.us"] [uri "/.env_secret"] [unique_id "abvL25YccVtTjQgBThGMwwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-19 09:52:11
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 05:52:04.007411 2026] [security2:error] [pid 9912:tid 9912] [client 104.23.253.145:11401] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.flyingdodostudio.com"] [uri "/app/.env"] [unique_id "abvHROUvRG4juvDLUvh9RAAAABs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-19 09:36:07
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.145 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 05:36:00.006803 2026] [security2:error] [pid 31531:tid 31531] [client 104.23.253.145:13571] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kylight.net"] [uri "/.env.test"] [unique_id "abvDgEZjWRa35nv1AK4WBAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack