๐บ๐ธ
TPI-Abuse
2026-07-06 12:55:28
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 170.124.32.140 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 170.124.32.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 08:55:12.523518 2026] [security2:error] [pid 3391:tid 3391] [client 170.124.32.140:48763] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "verenacastle.com"] [uri "/.env.prod.local"] [unique_id "akulsLWicSjqKkATJknwPwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Starburst SysOp Team
2026-07-06 11:13:55
(3 days ago)
(mod_security-custom) mod_security (id:210492) triggered by 170.124.32.140 (US/United States/Marylan ...
show more
(mod_security-custom) mod_security (id:210492) triggered by 170.124.32.140 (US/United States/Maryland/Lanham-Seabrook/-/[AS6079 RCN-AS]): 1 in the last 3600 secs (0-srv1)
show less
Hacking
Anonymous
2026-07-06 08:05:06
(3 days ago)
Web Clients HTTP URL JavaScript Function Cross-Site Scripting.
Web App Attack
๐ซ๐ฎ
danskefilm.dk
2026-07-06 07:30:01
(3 days ago)
wordpress login attempts
Web App Attack
๐ต๐ฑ
mkrufczyk
2026-07-05 23:39:00
(4 days ago)
bad bot
Bad Web Bot
SQL Injection
๐ซ๐ท
conseilgouz
2026-07-05 22:57:37
(4 days ago)
upe-12 : Block return, carriage return, ... characters=>/index.php?option=com_content&view=artic ...
show more
upe-12 : Block return, carriage return, ... characters=>/index.php?option=com_content&view=article%27&id=43&catid=8100%100%CRITICAL(')
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-05 22:52:22
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 170.124.32.140 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 170.124.32.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 18:52:00.349932 2026] [security2:error] [pid 32245:tid 32245] [client 170.124.32.140:55989] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "comments.barkdull.org"] [uri "/.env.development.local"] [unique_id "akrgEIQmiqLdM6V657LTXgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
interbiznw.com
2026-07-05 22:44:25
(4 days ago)
malicious-web-requests-vulnerability-scanning
Hacking
Brute-Force
Exploited Host
Web App Attack
๐ฉ๐ช
marten_o
2026-07-05 22:38:45
(4 days ago)
170.124.32.140 - - [06/Jul/2026:00:38:44 +0200] "GET /.env.production HTTP/2.0" 404 958 "-" "Mozilla ...
show more
170.124.32.140 - - [06/Jul/2026:00:38:44 +0200] "GET /.env.production HTTP/2.0" 404 958 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" 373 1346
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 22:36:51
(4 days ago)
(mod_security) mod_security (id:210381) triggered by 170.124.32.140 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210381) triggered by 170.124.32.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 18:36:34.381115 2026] [security2:error] [pid 22824:tid 22824] [client 170.124.32.140:34757] ModSecurity: Access denied with code 403 (phase 2). Invalid URL Encoding: Non-hexadecimal digits used at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "82"] [id "210381"] [rev "6"] [msg "COMODO WAF: URL Encoding Abuse Attack Attempt||coffeewitheinstein.com|F|4"] [data "REQUEST_URI=/index.php?main_page=page&id=1100%90%CRITICAL%27"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "coffeewitheinstein.com"] [uri "/index.php"] [unique_id "akrccmmjHLBEw9B9KgBG1wAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nyt
2026-07-05 21:31:37
(4 days ago)
XSS
Web App Attack
๐บ๐ธ
RidgeStar
2026-07-05 21:23:01
(4 days ago)
Port Scan
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-05 21:17:00
(4 days ago)
(mod_security) mod_security (id:212620) triggered by 170.124.32.140 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:212620) triggered by 170.124.32.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 17:16:45.941232 2026] [security2:error] [pid 24428:tid 24428] [client 170.124.32.140:50957] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||kingscruff.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /g12ordergen.php?fromwhere=g12generic.php&fromwhat=itemdetail&itemid=62'\\x22><script>alert(68752)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "kingscruff.com"] [uri "/g12ordergen.php"] [unique_id "akrJvQSIBhTK4-_OHAKxRQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-05 21:00:23
(4 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 20:35:54
(4 days ago)
(mod_security) mod_security (id:210492) triggered by 170.124.32.140 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 170.124.32.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 16:35:39.644380 2026] [security2:error] [pid 15825:tid 15825] [client 170.124.32.140:36523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "watermarks.info"] [uri "/.env"] [unique_id "akrAG7Aef8AMqo2kPYxCWgAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack