๐บ๐ธ
tropicalidad.be
2026-07-11 04:51:13
(1 hour ago)
blog spam/exploit attempt
Blog Spam
Hacking
๐ฆ๐บ
oncord
2026-07-10 11:26:59
(18 hours ago)
Form spam
Web Spam
๐บ๐ธ
TPI-Abuse
2026-07-10 00:09:31
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.134 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 20:09:21.159844 2026] [security2:error] [pid 32263:tid 32263] [client 64.112.56.134:51317] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.officechristmascards.com"] [uri "/.env.development.local"] [unique_id "alA4Mevlxo9wZCivkzQV4QAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-09 22:30:09
(1 day ago)
suspicious request in access.log
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-09 20:23:00
(1 day ago)
IPBlock protected site ID [4055-d][s=06].
Persistent 404, vulnerability scanner
Hacking
Bad Web Bot
Web App Attack
Anonymous
2026-07-09 20:16:53
(1 day ago)
64.112.56.134 - - [10/Jul/2026:04:16:51 +0800] "GET /.env.stage HTTP/1.1" 200 19012 "-" "Mozilla/5.0 ...
show more
64.112.56.134 - - [10/Jul/2026:04:16:51 +0800] "GET /.env.stage HTTP/1.1" 200 19012 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-09 12:51:12
(1 day ago)
[Thu Jul 09 22:51:09.250897 2026] [security2:error] [pid 506150] [client 64.112.56.134:51147] [clien ...
show more
[Thu Jul 09 22:51:09.250897 2026] [security2:error] [pid 506150] [client 64.112.56.134:51147] [client 64.112.56.134] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "valueaddedpromotions.com.au"] [uri "/.env.dev.local"] [unique_id "ak-ZPSIb5pCmULwOWZB_xAAAAAU"]
...
show less
Web App Attack
๐ป๐ณ
Xuan Can
2026-07-09 10:00:41
(1 day ago)
(mod_security) mod_security (id:1900947722) triggered by 64.112.56.134 (US/United States/-): 1 in th ...
show more
(mod_security) mod_security (id:1900947722) triggered by 64.112.56.134 (US/United States/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 17:00:27.988892 2026] [security2:error] [pid 14126:tid 14173] [client 64.112.56.134:0] ModSecurity: Access denied with code 403 (phase 1). String match "/phpMyAdmin" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "58"] [id "1900947722"] [msg "Deny phpMyAdmin"] [hostname "www.sieuthimaychu.vn"] [uri "/phpMyAdmin-2/"] [unique_id "ak9xO_qh6s6BNrKqR_4-4gAAAJQ"]
show less
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-09 09:08:18
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.134 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 05:07:57.901846 2026] [security2:error] [pid 17508:tid 17508] [client 64.112.56.134:37459] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "panierduvillage.com"] [uri "/.env.live"] [unique_id "ak9k7d84qJEIZx6m292YUQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 08:41:47
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.134 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 04:41:25.960617 2026] [security2:error] [pid 7599:tid 7599] [client 64.112.56.134:43369] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whatifandwhynot.xyz"] [uri "/.env"] [unique_id "ak9etSZ2ojsoEpj2jD8RfAAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-07-09 08:27:08
(1 day ago)
Web App Attack
Anonymous
2026-07-09 07:57:03
(1 day ago)
Sensitive Configuration File Disclosure.
Hacking
๐ฉ๐ช
conseilgouz
2026-07-09 06:34:47
(1 day ago)
ece-12 : Block return, carriage return, ... characters=>/media/com_cgparallax/js/defer_youtube.js?db ...
show more
ece-12 : Block return, carriage return, ... characters=>/media/com_cgparallax/js/defer_youtube.js?db73ed='(')
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-09 06:14:45
(1 day ago)
(mod_security) mod_security (id:212620) triggered by 64.112.56.134 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:212620) triggered by 64.112.56.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 02:14:36.453134 2026] [security2:error] [pid 27343:tid 27484] [client 64.112.56.134:60535] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||uoexpanse.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /forums/viewtopic.php?p=4156&sid=50affb173e0fedf4fd91d6ef2d80a5c4'\\x22><script>alert(68752)</script>&f=6"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "uoexpanse.com"] [uri "/forums/viewtopic.php"] [unique_id "ak88TOATwZQksAtg9SYtLAAAApc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 01:04:22
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.134 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 21:03:55.284142 2026] [security2:error] [pid 11327:tid 11327] [client 64.112.56.134:47753] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hanabritgermanshepherds.com"] [uri "/.env.bak"] [unique_id "ak7ze7VL4ceZoGTWV--5WgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack