Anonymous
2026-07-10 00:05:12
(1 hour ago)
suspicious request in access.log
Web App Attack
๐ซ๐ฎ
danskefilm.dk
2026-07-09 21:00:01
(4 hours ago)
wordpress login attempts
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-09 20:23:00
(5 hours ago)
IPBlock protected site ID [4055-d][s=02].
Persistent 404, vulnerability scanner
Hacking
Bad Web Bot
Web App Attack
๐ณ๐ฑ
MacLotsen
2026-07-09 20:13:14
(5 hours ago)
Violated robots.txt
Web Spam
๐บ๐ธ
directorioeducativo.com
2026-07-09 18:04:16
(7 hours ago)
GET URL: "/wp-content/plugins/dummyyummy/wp-signup.php"Agent: "Mozilla/5.0 (Macintosh; Intel Mac OS ...
show more
GET URL: "/wp-content/plugins/dummyyummy/wp-signup.php"Agent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
show less
Web App Attack
๐ป๐ณ
Xuan Can
2026-07-09 10:00:41
(15 hours ago)
(mod_security) mod_security (id:1900947722) triggered by 64.112.56.133 (US/United States/-): 1 in th ...
show more
(mod_security) mod_security (id:1900947722) triggered by 64.112.56.133 (US/United States/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 17:00:28.490408 2026] [security2:error] [pid 14126:tid 14163] [client 64.112.56.133:0] ModSecurity: Access denied with code 403 (phase 1). String match "/phpMyAdmin" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "58"] [id "1900947722"] [msg "Deny phpMyAdmin"] [hostname "www.sieuthimaychu.vn"] [uri "/phpMyAdmin2/"] [unique_id "ak9xPPqh6s6BNrKqR_4-5AAAAIo"]
show less
Brute-Force
SSH
๐ท๐บ
OK
2026-07-09 09:22:14
(16 hours ago)
HTTP/HTTPS
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 09:08:16
(16 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.133 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 05:08:00.049530 2026] [security2:error] [pid 20428:tid 20428] [client 64.112.56.133:48699] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "panierduvillage.com"] [uri "/.env.production"] [unique_id "ak9k8LXEtvtEZGYFdZW1qwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-09 07:57:03
(17 hours ago)
Sensitive Configuration File Disclosure.
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-09 06:15:33
(19 hours ago)
(mod_security) mod_security (id:212620) triggered by 64.112.56.133 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:212620) triggered by 64.112.56.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 02:15:17.228043 2026] [security2:error] [pid 27343:tid 27462] [client 64.112.56.133:36207] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||uoexpanse.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /forums/download/file.php?avatar=153_1480862599.gif'\\x22><script>alert(68752)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "uoexpanse.com"] [uri "/forums/download/file.php"] [unique_id "ak88deATwZQksAtg9SYtcQAAAoE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-07-09 04:18:00
(21 hours ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-09 01:04:19
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.133 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 21:03:54.304097 2026] [security2:error] [pid 11327:tid 11327] [client 64.112.56.133:55469] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hanabritgermanshepherds.com"] [uri "/.env.stage"] [unique_id "ak7zerVL4ceZoGTWV--5WQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
polycoda
2026-07-08 23:41:31
(1 day ago)
๐ฅถ Part of a DDoS attack wave
DDoS Attack
๐จ๐ฆ
polycoda
2026-07-08 21:48:26
(1 day ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 19:23:08
(1 day ago)
(mod_security) mod_security (id:220150) triggered by 64.112.56.133 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:220150) triggered by 64.112.56.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 15:22:53.895089 2026] [security2:error] [pid 6608:tid 6608] [client 64.112.56.133:44311] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.{0,399}\\\\*\\\\/)?select)" at ARGS:listingID. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5662"] [id "220150"] [rev "5"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||www.oualierealty.com|F|2"] [data "352')/**/union/**/select/**/null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,'qscan_union_20_19'--qscan"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.oualierealty.com"] [uri "/index.php"] [unique_id "ak6jjXBh-lzLOHOjjxyIIQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack