๐บ๐ธ
TPI-Abuse
2026-07-13 18:10:30
(7 hours ago)
(mod_security) mod_security (id:211190) triggered by 106.219.165.203 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:211190) triggered by 106.219.165.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 14:10:24.822188 2026] [security2:error] [pid 13827:tid 13827] [client 106.219.165.203:28789] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||evolute.io|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /?../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "evolute.io"] [uri "/"] [unique_id "alUqEJufMDxis9MY0mipwAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 16:27:09
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 106.219.165.203 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 106.219.165.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 12:27:05.562756 2026] [security2:error] [pid 14312:tid 14312] [client 106.219.165.203:9631] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.portalvasco.com"] [uri "/.env.example"] [unique_id "alUR2fGpKcz8OK22DRN4MwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-13 16:02:04
(9 hours ago)
Bot / scanning and/or hacking attempts: GET /.env.example HTTP/1.1
Hacking
Web App Attack
๐ณ๐ฑ
e.fierstra
2026-07-13 15:49:05
(9 hours ago)
ModSecurity hits exceeded
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
sockominfo
2026-07-13 11:01:01
(14 hours ago)
Critical LFI with PHP code injection detected - Basic 2. Threat Score: 8.8/10 (CRITICAL). Confidence ...
show more
Critical LFI with PHP code injection detected - Basic 2. Threat Score: 8.8/10 (CRITICAL). Confidence: 70%. CVSS v3.1: 10/10 (Critical). CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. Bayesian Probability: 87%. MITRE ATT&CK: T1190 (Exploit Public-Facing Application). Tactic: TA0001. Freshness: Fresh. Source Reputation: KNOWN_MALICIOUS. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS
show less
Hacking
Brute-Force
๐ฎ๐ฉ
sockominfo
2026-07-13 10:00:29
(15 hours ago)
Reported by TangerangKota-CSIRT. Status: MALICIOUS
Hacking
Brute-Force
๐ฉ๐ช
Vegascosmetics
2026-07-13 09:54:43
(15 hours ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after attack pattern. Vegas Security
DDoS Attack
Hacking
Exploited Host
๐บ๐ธ
TPI-Abuse
2026-07-13 09:38:38
(15 hours ago)
(mod_security) mod_security (id:211190) triggered by 106.219.165.203 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:211190) triggered by 106.219.165.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 05:38:35.067506 2026] [security2:error] [pid 8717:tid 8745] [client 106.219.165.203:23852] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||uoexpanse.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /?../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "uoexpanse.com"] [uri "/"] [unique_id "alSyG-jOPEEwIWyaAyVLewAAAI8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฉ
sockominfo
2026-07-13 09:00:09
(16 hours ago)
Critical LFI with PHP code injection detected - Basic 2. Threat Score: 7.7/10 (HIGH). Reported by Ta ...
show more
Critical LFI with PHP code injection detected - Basic 2. Threat Score: 7.7/10 (HIGH). Reported by TangerangKota-CSIRT. Status: MALICIOUS
show less
Hacking
Brute-Force
๐ฉ๐ช
nyt
2026-07-13 08:39:02
(16 hours ago)
Path Traversal, Path Traversal
Web App Attack
๐ณ๐ด
jad-abuse
2026-07-13 08:21:57
(16 hours ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: path_trav ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: path_traversal. Observed by 1 sensor(s); 1 hits.
show less
Web App Attack
Anonymous
2026-07-13 07:41:34
(17 hours ago)
Sensitive Configuration File Disclosure.
Hacking
๐ซ๐ท
COMAITE
2026-07-13 05:59:34
(19 hours ago)
Common web attack from 106.219.165.203.
Web App Attack
๐ฎ๐ฉ
Burayot
2026-07-13 05:47:31
(19 hours ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 106.219.165.203 (IN/India/-): 2 in ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 106.219.165.203 (IN/India/-): 2 in the last 3600 secs
show less
Web App Attack
๐ฆ๐บ
oncord
2026-07-03 10:04:05
(1 week ago)
Form spam
Web Spam