๐บ๐ธ
ipblock.com
2026-07-10 11:50:00
(11 hours ago)
IPBlock protected site ID [4055-d][s=06].
Persistent 404, vulnerability scanner
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 06:27:33
(16 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.140 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 02:27:16.786789 2026] [security2:error] [pid 21868:tid 21868] [client 64.112.56.140:45231] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.caferutadelaseda.com"] [uri "/.env.bak"] [unique_id "alCQxK17X6VixSaYgHVwPAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
mikekarl
2026-07-10 04:49:17
(18 hours ago)
SQL INJECTION forms_send''
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-10 04:43:04
(18 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.140 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 00:42:47.017054 2026] [security2:error] [pid 30306:tid 30306] [client 64.112.56.140:49395] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.athletefirst.org"] [uri "/.env.bak"] [unique_id "alB4R_DqwE0FplbyZY_jZAAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 21:57:35
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.140 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 17:57:08.285348 2026] [security2:error] [pid 15236:tid 15236] [client 64.112.56.140:42665] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wryemusings.com"] [uri "/.env.dev.local"] [unique_id "alAZNG3e-ziXBNIQOlfSgAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
directorioeducativo.com
2026-07-09 18:04:14
(1 day ago)
GET URL: "/.env.dev"Agent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTM ...
show more
GET URL: "/.env.dev"Agent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
show less
Web App Attack
๐ป๐ณ
Xuan Can
2026-07-09 10:00:41
(1 day ago)
(mod_security) mod_security (id:1900947722) triggered by 64.112.56.140 (US/United States/-): 1 in th ...
show more
(mod_security) mod_security (id:1900947722) triggered by 64.112.56.140 (US/United States/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 17:00:28.867415 2026] [security2:error] [pid 27143:tid 27190] [client 64.112.56.140:0] ModSecurity: Access denied with code 403 (phase 1). String match "/phpMyAdmin" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "58"] [id "1900947722"] [msg "Deny phpMyAdmin"] [hostname "www.sieuthimaychu.vn"] [uri "/phpMyAdmin-2.2.3/"] [unique_id "ak9xPNig7HX2eHiaOv_FlwAAAFQ"]
show less
Brute-Force
SSH
๐ฉ๐ช
stinpriza
2026-07-09 09:21:45
(1 day ago)
Drupal Authentication failure
Brute-Force
Web App Attack
๐จ๐ญ
backslash
2026-07-09 08:27:08
(1 day ago)
Web App Attack
๐ญ๐บ
bcsaba
2026-07-09 08:01:45
(1 day ago)
Probing for .env file:
64.112.56.140 - - [09/Jul/2026:10:01:00 +0200] "GET /.env.dev.local HTTP/2.0" ...
show more
Probing for .env file:
64.112.56.140 - - [09/Jul/2026:10:01:00 +0200] "GET /.env.dev.local HTTP/2.0" 403 548 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 07:17:50
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.140 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 03:17:30.632899 2026] [security2:error] [pid 819906:tid 819906] [client 64.112.56.140:52033] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "psdinnersready.com"] [uri "/.env"] [unique_id "ak9LColzOF5_pcMLG_c1jAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 04:18:38
(1 day ago)
(mod_security) mod_security (id:211190) triggered by 64.112.56.140 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:211190) triggered by 64.112.56.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 00:18:18.468557 2026] [security2:error] [pid 28764:tid 28933] [client 64.112.56.140:40807] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.adultbaja.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?option=com_biblestudy&id=1&view=studieslist&controller=../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.adultbaja.com"] [uri "/index.php"] [unique_id "ak8hCvOvMKT8-UyubSD1NgAAAco"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Bedios GmbH
2026-07-09 04:02:01
(1 day ago)
Login credentials theft attempt
Hacking
๐จ๐ฆ
polycoda
2026-07-08 23:42:07
(1 day ago)
๐ฅถ Part of a DDoS attack wave
DDoS Attack
๐จ๐ฆ
polycoda
2026-07-08 21:48:26
(2 days ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack