πΊπΈ
tropicalidad.be
2026-07-11 04:51:13
(46 minutes ago)
blog spam/exploit attempt
Blog Spam
Hacking
πΊπΈ
ipblock.com
2026-07-10 11:50:00
(17 hours ago)
IPBlock protected site ID [4055-d][s=02].
Persistent 404, vulnerability scanner
Hacking
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-10 04:55:06
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.132 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 00:54:46.482528 2026] [security2:error] [pid 2138764:tid 2138764] [client 64.112.56.132:55295] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "3905ccn.org"] [uri "/.env.production"] [unique_id "alB7FqraAwrOAKEW6Z3-aAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-10 00:04:36
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.132 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 20:04:17.643738 2026] [security2:error] [pid 17649:tid 17649] [client 64.112.56.132:53585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thegoldentether.com"] [uri "/.env.live"] [unique_id "alA3Ad1lDEO1AJ2rfR4AewAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π΄
jad-abuse
2026-07-09 19:48:41
(1 day ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: admin_too ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: admin_tools. Observed by 1 sensor(s); 1 hits.
show less
Brute-Force
Web App Attack
π©πͺ
FeG Deutschland
2026-07-09 19:26:36
(1 day ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
πΊπΈ
directorioeducativo.com
2026-07-09 18:04:16
(1 day ago)
GET URL: "/inputs.php"Agent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KH ...
show more
GET URL: "/inputs.php"Agent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
show less
Web App Attack
πΊπΈ
ipblock.com
2026-07-09 13:47:00
(1 day ago)
IPBlock protected site ID [4055-d][s=03].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
π¨π
backslash
2026-07-09 12:57:00
(1 day ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-07-09 09:55:56
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.132 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 05:55:38.321257 2026] [security2:error] [pid 27550:tid 27564] [client 64.112.56.132:59711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.aapm.info"] [uri "/.env.production"] [unique_id "ak9wGh623LrZ73AlHFB46wAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-09 07:52:05
(1 day ago)
Web Clients HTTP URL JavaScript Function Cross-Site Scripting.
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 05:07:09
(2 days ago)
(mod_security) mod_security (id:211190) triggered by 64.112.56.132 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:211190) triggered by 64.112.56.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 01:06:16.829828 2026] [security2:error] [pid 28897:tid 28897] [client 64.112.56.132:59471] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||panierduvillage.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /src/redirect.php?plugins[]=../../../../etc/passwd%00"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "panierduvillage.com"] [uri "/src/redirect.php"] [unique_id "ak8sSF4y_1OcPxxe8lKECgAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-09 03:39:22
(2 days ago)
(mod_security) mod_security (id:212620) triggered by 64.112.56.132 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:212620) triggered by 64.112.56.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 23:39:05.697582 2026] [security2:error] [pid 28519:tid 28519] [client 64.112.56.132:50371] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||mrbaystreet.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /index.php/2012-06-01-23-32-30/business-releases?doc=201303140835pr_news_uspr_____ph77061'\\x22><script>alert(68752)</script>&dir=0"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "mrbaystreet.com"] [uri "/index.php/2012-06-01-23-32-30/business-releases"] [unique_id "ak8X2YXPlNKyUVKEwya43AAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-08 19:25:42
(2 days ago)
(mod_security) mod_security (id:220150) triggered by 64.112.56.132 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:220150) triggered by 64.112.56.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 15:25:25.200387 2026] [security2:error] [pid 7459:tid 7459] [client 64.112.56.132:34215] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.{0,399}\\\\*\\\\/)?select)" at ARGS:listingID. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5662"] [id "220150"] [rev "5"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||www.oualierealty.com|F|2"] [data "352'/**/union/**/all/**/select/**/null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,'qscan_union_20_15',null,null,null,null--qscan"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.oualierealty.com"] [uri "/index.php"] [unique_id "ak6kJZs_yahiYghhA4rszAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
ipblock.com
2026-07-08 18:02:00
(2 days ago)
IPBlock protected site ID [4730-fr].
Exploit request, vulnerability probe.
Hacking
Bad Web Bot
Web App Attack