๐ฎ๐ฑ
spd.co.il
2026-07-08 20:01:31
(4 hours ago)
Web application attack detected
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 12:55:27
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 170.124.32.154 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 170.124.32.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 08:55:12.492573 2026] [security2:error] [pid 1127:tid 1127] [client 170.124.32.154:53687] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "verenacastle.com"] [uri "/.env.prod"] [unique_id "akulsDd6edASdxBOnjOV6gAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ช
KIDOS
2026-07-06 12:19:37
(2 days ago)
malicious activity
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 10:27:51
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 170.124.32.154 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 170.124.32.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 06:27:33.776136 2026] [security2:error] [pid 24219:tid 24219] [client 170.124.32.154:39203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "fiyaplatform.com"] [uri "/.env.production"] [unique_id "akuDFVwe0ELZF1xKqts5BQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 09:42:30
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 170.124.32.154 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 170.124.32.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 05:42:15.248428 2026] [security2:error] [pid 11534:tid 11534] [client 170.124.32.154:54227] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coffeewitheinstein.com"] [uri "/.env"] [unique_id "akt4d0yES0Pmv4bk2wVMPAAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 08:45:38
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 170.124.32.154 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 170.124.32.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 04:45:22.127196 2026] [security2:error] [pid 27115:tid 27115] [client 170.124.32.154:45493] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.powerkiteforum.com"] [uri "/.env.bak"] [unique_id "aktrIlYeoozfgTmUWaPWEwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 07:46:55
(2 days ago)
(mod_security) mod_security (id:212620) triggered by 170.124.32.154 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:212620) triggered by 170.124.32.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 03:46:38.783717 2026] [security2:error] [pid 27433:tid 27448] [client 170.124.32.154:42557] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||www.fnaandpartners.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /projects.php?id=134'\\x22><script>alert(68752)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "www.fnaandpartners.com"] [uri "/projects.php"] [unique_id "aktdXjzFuwRj3Z7rtCKZ9wAAAEw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
RidgeStar
2026-07-06 00:48:43
(2 days ago)
Port Scan
Hacking
Anonymous
2026-07-06 00:35:57
(2 days ago)
SQL Injection
SQL Injection
๐ซ๐ท
conseilgouz
2026-07-05 22:57:36
(3 days ago)
upe-11 : Block illegal characters=>/index.php?option=com_content%27%22%3E%3Cscript%3Ealert(68752)%3C ...
show more
upe-11 : Block illegal characters=>/index.php?option=com_content%27%22%3E%3Cscript%3Ealert(68752)%3C/script%3E&view=article&id=...(alert(alert)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-05 21:56:53
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 170.124.32.154 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 170.124.32.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 17:56:49.604154 2026] [security2:error] [pid 9582:tid 9582] [client 170.124.32.154:60921] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingscruff.com"] [uri "/.env.prod"] [unique_id "akrTIU9uImLUsDr0ojxnNQAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ญ๐บ
bcsaba
2026-07-05 21:46:03
(3 days ago)
Probing for .env file:
170.124.32.154 - - [05/Jul/2026:23:45:59 +0200] "GET /.env HTTP/2.0" 403 548 ...
show more
Probing for .env file:
170.124.32.154 - - [05/Jul/2026:23:45:59 +0200] "GET /.env HTTP/2.0" 403 548 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 21:20:33
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 170.124.32.154 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 170.124.32.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 17:20:25.283765 2026] [security2:error] [pid 13999:tid 14008] [client 170.124.32.154:60489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aafm.us"] [uri "/.env.dev"] [unique_id "akrKmduR1F7DDVVtw0CdMQAAAEc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-05 21:06:04
(3 days ago)
Trying to access config files
Web App Attack
๐บ๐ธ
RidgeStar
2026-07-05 20:10:53
(3 days ago)
2026-07-01T17:49:33-07:00: 1'"><script>alert(68752)</script>
2026-07-01T17: ...
show more
2026-07-01T17:49:33-07:00: 1'"><script>alert(68752)</script>
2026-07-01T17:49:30-07:00: 2026'"><script>alert(68752)</script>
2026-07-01T17:49:29-07:00: 2025'"><script>alert(68752)</script>
2026-07-01T17:49:23-07:00: 1'"><script>alert(68752)</script>
2026-07-01T17:49:17-07:00: 1'"><script>alert(68752)</script>
show less
Port Scan
Hacking