๐บ๐ธ
TPI-Abuse
2026-07-06 08:45:39
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 170.124.32.135 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 170.124.32.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 04:45:22.137136 2026] [security2:error] [pid 28379:tid 28379] [client 170.124.32.135:38149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.powerkiteforum.com"] [uri "/.env.production"] [unique_id "aktrIjE7LybfZ404Og38_gAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
RidgeStar
2026-07-06 00:40:06
(17 hours ago)
2026-07-05T13:20:02-07:00: 1'"><script>alert(68752)</script>
2026-07-05T13: ...
show more
2026-07-05T13:20:02-07:00: 1'"><script>alert(68752)</script>
2026-07-05T13:15:55-07:00: 11'"><script>alert(68752)</script>
2026-07-05T13:15:08-07:00: 32'"><script>alert(68752)</script>
2026-07-05T13:13:41-07:00: 144'"><script>alert(68752)</script>
show less
Port Scan
Hacking
Anonymous
2026-07-06 00:35:57
(17 hours ago)
SQL Injection
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-05 22:52:20
(18 hours ago)
(mod_security) mod_security (id:210492) triggered by 170.124.32.135 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 170.124.32.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 18:52:00.441002 2026] [security2:error] [pid 2429:tid 2429] [client 170.124.32.135:41871] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "comments.barkdull.org"] [uri "/.env.bak"] [unique_id "akrgEKH5Rdi8hxlaRDvhxAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
marten_o
2026-07-05 22:38:46
(19 hours ago)
170.124.32.135 - - [06/Jul/2026:00:38:44 +0200] "GET /.env.development.local HTTP/2.0" 404 958 "-" " ...
show more
170.124.32.135 - - [06/Jul/2026:00:38:44 +0200] "GET /.env.development.local HTTP/2.0" 404 958 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" 378 1346
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 22:19:37
(19 hours ago)
(mod_security) mod_security (id:210492) triggered by 170.124.32.135 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 170.124.32.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 18:19:19.645647 2026] [security2:error] [pid 2458:tid 2458] [client 170.124.32.135:41077] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "3905ccn.org"] [uri "/.env"] [unique_id "akrYZzzmMCgAdrAEz6zEygAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 22:03:17
(19 hours ago)
(mod_security) mod_security (id:210381) triggered by 170.124.32.135 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210381) triggered by 170.124.32.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 18:02:52.477099 2026] [security2:error] [pid 8505:tid 8505] [client 170.124.32.135:57473] ModSecurity: Access denied with code 403 (phase 2). Invalid URL Encoding: Non-hexadecimal digits used at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "82"] [id "210381"] [rev "6"] [msg "COMODO WAF: URL Encoding Abuse Attack Attempt||hanabritgermanshepherds.com|F|4"] [data "REQUEST_URI=/index.php/component/content/article/index.php?option=com_content&view=article&id=23&catid=2%27&Itemid=116100%100%CRITICAL"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "hanabritgermanshepherds.com"] [uri "/index.php/component/content/article/index.php"] [unique_id "akrUjLBpmhvdy7obu6P3FwAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
zynex
2026-07-05 21:56:26
(19 hours ago)
URL Probing: /.env
Web App Attack
๐ฉ๐ช
Bedios GmbH
2026-07-05 21:49:01
(19 hours ago)
Login credentials theft attempt
Hacking
Anonymous
2026-07-05 21:06:05
(20 hours ago)
Trying to access config files
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-05 20:48:48
(20 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 20:46:21
(20 hours ago)
(mod_security) mod_security (id:210492) triggered by 170.124.32.135 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 170.124.32.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 16:46:12.412141 2026] [security2:error] [pid 7753:tid 7849] [client 170.124.32.135:58501] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "killerrockandroll.com"] [uri "/.env"] [unique_id "akrClLGAlwivjaT3KbUwnwAAAgY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
pltcldvlpr
2026-07-05 20:39:45
(21 hours ago)
CMS/framework probe: 170.124.32.135 - - [05/Jul/2026:22:39:45 +0200] "GET /.env.bak HTTP/2.0" 404 10 ...
show more
CMS/framework probe: 170.124.32.135 - - [05/Jul/2026:22:39:45 +0200] "GET /.env.bak HTTP/2.0" 404 10553 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" asn=6079 org="RCN" country=US
...
show less
Web App Attack
๐ฎ๐ฉ
Burayot
2026-07-05 20:32:50
(21 hours ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 170.124.32.135 (US/United States/-) ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 170.124.32.135 (US/United States/-): 1 in the last 3600 secs
show less
Web App Attack
๐ฉ๐ช
nyt
2026-07-05 20:14:18
(21 hours ago)
DB Admin Probe, Sensitive File Probe
Web App Attack