Anonymous
2026-07-07 06:09:12
(1 day ago)
Querying for PHP services on a non-PHP site (/index.php)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 09:33:04
(2 days ago)
(mod_security) mod_security (id:212620) triggered by 170.124.32.152 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:212620) triggered by 170.124.32.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 05:32:50.192698 2026] [security2:error] [pid 23437:tid 23437] [client 170.124.32.152:35901] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "3"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||hanabritgermanshepherds.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /index.php/component/content/article/index.php?option=*&view=article'\\x22><script>alert(68752)</script>&id=23&catid=2&itemid=116"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "hanabritgermanshepherds.com"] [uri "/index.php/component/content/article/index.php"] [unique_id "akt2Qv1Xsb0_cW_DMwqzzgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 08:11:04
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 170.124.32.152 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 170.124.32.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 04:10:49.619334 2026] [security2:error] [pid 27433:tid 27451] [client 170.124.32.152:33547] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fnaandpartners.com"] [uri "/.env.dev.local"] [unique_id "aktjCTzFuwRj3Z7rtCKiywAAAE8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-06 08:05:06
(2 days ago)
Web Clients HTTP URL JavaScript Function Cross-Site Scripting.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 04:25:36
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 170.124.32.152 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 170.124.32.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 00:25:21.454676 2026] [security2:error] [pid 23141:tid 23141] [client 170.124.32.152:49873] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "3905ccn.org"] [uri "/.env.development.local"] [unique_id "aksuMfR90WWrjIbQUtlLIQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-06 00:35:57
(2 days ago)
SQL Injection
SQL Injection
๐ฉ๐ช
nyt
2026-07-06 00:28:18
(2 days ago)
XSS
Web App Attack
๐ซ๐ท
ELYAZ
2026-07-05 23:59:17
(2 days ago)
(y3) Failed access -byebye- from 170.124.32.152 (US/United States/-): (CF_ENABLE)
Hacking
๐ฉ๐ช
marten_o
2026-07-05 22:38:45
(2 days ago)
170.124.32.152 - - [06/Jul/2026:00:38:44 +0200] "GET /.env HTTP/2.0" 404 1058 "-" "Mozilla/5.0 (Maci ...
show more
170.124.32.152 - - [06/Jul/2026:00:38:44 +0200] "GET /.env HTTP/2.0" 404 1058 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36" 365 1166
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 22:36:41
(2 days ago)
(mod_security) mod_security (id:210381) triggered by 170.124.32.152 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210381) triggered by 170.124.32.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 18:36:34.498057 2026] [security2:error] [pid 22837:tid 22837] [client 170.124.32.152:43243] ModSecurity: Access denied with code 403 (phase 2). Invalid URL Encoding: Non-hexadecimal digits used at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "82"] [id "210381"] [rev "6"] [msg "COMODO WAF: URL Encoding Abuse Attack Attempt||coffeewitheinstein.com|F|4"] [data "REQUEST_URI=/index.php?main_page=page%27&id=1100%90%CRITICAL"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "coffeewitheinstein.com"] [uri "/index.php"] [unique_id "akrccnp1r0MODpm9f4mtCgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-05 21:06:05
(2 days ago)
Trying to access config files
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-05 21:00:26
(2 days ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 20:43:47
(2 days ago)
(mod_security) mod_security (id:212620) triggered by 170.124.32.152 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:212620) triggered by 170.124.32.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 16:43:31.597531 2026] [security2:error] [pid 13999:tid 14007] [client 170.124.32.152:45361] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||aafm.us|F|2"] [data "Matched Data: <script found within REQUEST_URI: /press_release084d.html?id=46'\\x22><script>alert(68752)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "aafm.us"] [uri "/press_release084d.html"] [unique_id "akrB89uR1F7DDVVtw0B1_gAAAEY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 20:25:21
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 170.124.32.152 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 170.124.32.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 16:25:02.822413 2026] [security2:error] [pid 8230:tid 8230] [client 170.124.32.152:50195] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.christineohlman.net"] [uri "/.env.development.local"] [unique_id "akq9ntFu6lpH4GeZj3UiuwAAACs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
RidgeStar
2026-07-05 20:11:02
(2 days ago)
Port Scan
Hacking