๐บ๐ธ
ipblock.com
2026-07-09 13:47:00
(3 hours ago)
IPBlock protected site ID [4055-d][s=01].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐ฉ๐ช
stinpriza
2026-07-09 09:21:46
(8 hours ago)
Drupal Authentication failure
Brute-Force
Web App Attack
๐ญ๐บ
bcsaba
2026-07-09 08:01:45
(9 hours ago)
Probing for .env file:
64.112.56.141 - - [09/Jul/2026:10:01:00 +0200] "GET /.env.development.local H ...
show more
Probing for .env file:
64.112.56.141 - - [09/Jul/2026:10:01:00 +0200] "GET /.env.development.local HTTP/2.0" 403 548 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
show less
Web App Attack
๐จ๐ญ
backslash
2026-07-09 04:42:00
(12 hours ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-09 04:18:49
(13 hours ago)
(mod_security) mod_security (id:211190) triggered by 64.112.56.141 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:211190) triggered by 64.112.56.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 00:18:18.386409 2026] [security2:error] [pid 28763:tid 28890] [client 64.112.56.141:33403] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.adultbaja.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?option=com_omphotogallery&controller=../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.adultbaja.com"] [uri "/index.php"] [unique_id "ak8hClWDqmrOa02iQv9eywAAAZY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
glaserceramics
2026-07-09 01:22:02
(16 hours ago)
GET /wp-content/blogs.dir/about.php via HTTP/1.1 - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS ...
show more
GET /wp-content/blogs.dir/about.php via HTTP/1.1 - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
show less
Web App Attack
๐จ๐ฆ
polycoda
2026-07-08 23:42:10
(17 hours ago)
๐ฅถ Part of a DDoS attack wave
DDoS Attack
๐จ๐ฆ
polycoda
2026-07-08 21:48:26
(19 hours ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack
๐ซ๐ท
conseilgouz
2026-07-08 19:31:42
(21 hours ago)
ame-12 : Block return, carriage return, ... characters=>/manifestations/programme-2017/ceremonie-du- ...
show more
ame-12 : Block return, carriage return, ... characters=>/manifestations/programme-2017/ceremonie-du-souvenir-2017?view=article&id=11:liens-partenaires&a...(')
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-08 19:22:28
(22 hours ago)
(mod_security) mod_security (id:220150) triggered by 64.112.56.141 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:220150) triggered by 64.112.56.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 15:22:20.540052 2026] [security2:error] [pid 6022:tid 6022] [client 64.112.56.141:40263] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.{0,399}\\\\*\\\\/)?select)" at ARGS:listingID. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5662"] [id "220150"] [rev "5"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||www.oualierealty.com|F|2"] [data "352')/**/union/**/select/**/null,null,null,null,null,null,null,null,null,null,null,null,'qscan_union_20_12',null,null,null,null,null,null,null--qscan"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.oualierealty.com"] [uri "/index.php"] [unique_id "ak6jbJwnWJIWwkzUVKKBhwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-08 18:02:00
(23 hours ago)
IPBlock protected site ID [4730-fr].
Exploit request, vulnerability probe.
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 17:25:21
(23 hours ago)
(mod_security) mod_security (id:212620) triggered by 64.112.56.141 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:212620) triggered by 64.112.56.141 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 13:25:06.753052 2026] [security2:error] [pid 16278:tid 16278] [client 64.112.56.141:60301] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||caferutadelaseda.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /detalle.php?producto=139'\\x22><script>alert(68752)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "caferutadelaseda.com"] [uri "/detalle.php"] [unique_id "ak6H8i7K6wSmZm1bGx-9fgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack