π«π·
chengkev
2026-07-13 12:35:43
(4 days ago)
Esta IP fue detectada por CrowdSec, activando crowdsecurity/jira_cve-2021-26086
Web App Attack
Hacking
π¬π§
pinguin
2026-07-08 12:37:21
(1 week ago)
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from US.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /
UA: Mozilla/5.0 (X11; Linux x86_64; rv:142.0) Gecko/20100101 Firefox/142.0
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
π©πͺ
acadeova
2026-06-06 03:22:14
(1 month ago)
π¨ Recon detected (nft drop)
SRC=104.23.253.19
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journ ...
show more
π¨ Recon detected (nft drop)
SRC=104.23.253.19
Observed=TCP dpt=80 in=enp0s6 ttl=57
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
πΊπΈ
TPI-Abuse
2026-04-04 12:48:47
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 08:48:40.256752 2026] [security2:error] [pid 28927:tid 28927] [client 104.23.253.19:12754] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.carjinn.net"] [uri "/.env.bak"] [unique_id "adEIqARheeWS-K5GyI1JZgAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
drewf.ink
2026-03-24 06:10:08
(3 months ago)
[06:10] Port scanning. Port(s) scanned: TCP/2095
Port Scan
πΊπΈ
TPI-Abuse
2026-03-21 05:01:04
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 21 01:00:56.224165 2026] [security2:error] [pid 21910:tid 21910] [client 104.23.253.19:13371] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "dev.handyrehab.com"] [uri "/private/.env"] [unique_id "ab4mCPznfNbphudbuPMwMgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-21 03:31:01
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 23:30:53.483048 2026] [security2:error] [pid 5613:tid 5613] [client 104.23.253.19:12865] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.bhu.rcto.us"] [uri "/srv/.env"] [unique_id "ab4Q7WWmCdDe3s271o9uJQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-21 03:01:06
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 23:00:58.838397 2026] [security2:error] [pid 24034:tid 24034] [client 104.23.253.19:14096] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.goldcountrygermanamericanclub.org"] [uri "/root/.env"] [unique_id "ab4J6j-1HmG-P_Zv40RVDQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-20 09:24:23
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 05:24:18.149789 2026] [security2:error] [pid 22551:tid 22551] [client 104.23.253.19:13923] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.swampoodlegrounds.com"] [uri "/.env.php"] [unique_id "ab0SQhdfX6LlzbIj9YhmyQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-20 08:39:47
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 04:39:41.395359 2026] [security2:error] [pid 21538:tid 21538] [client 104.23.253.19:11340] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.elgarage.com.mx"] [uri "/config/.env.local"] [unique_id "ab0HzYgket08vmLfJHyDbgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-20 07:52:36
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 03:52:31.160014 2026] [security2:error] [pid 30547:tid 30547] [client 104.23.253.19:14305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rocky-ridgeco.com"] [uri "/.env.example"] [unique_id "abz8v1vMiIlMIQBcleteNwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-20 07:16:24
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 03:16:15.999671 2026] [security2:error] [pid 9608:tid 9608] [client 104.23.253.19:10707] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.aemcmullin.com"] [uri "/app/.env"] [unique_id "abz0P5SWm3BAbsiWPy89cwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-20 03:47:33
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 23:47:27.482224 2026] [security2:error] [pid 2371427:tid 2371427] [client 104.23.253.19:11393] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wordpress.nolafoodporn.com"] [uri "/api/.env"] [unique_id "abzDT8-hPCCIJT_-545hUQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-20 01:19:03
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 21:18:52.414326 2026] [security2:error] [pid 4307:tid 4307] [client 104.23.253.19:13536] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.ufcmusic.com"] [uri "/var/www/.env"] [unique_id "abygfOnQWgnaJnya9-DOeAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-03-20 00:27:08
(3 months ago)
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 104.23.253.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 20:26:49.944360 2026] [security2:error] [pid 25846:tid 25846] [client 104.23.253.19:13958] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.evolinc.com"] [uri "/.env_backup"] [unique_id "abyUSYKCqPpZ4ptLTLIzfQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack