Anonymous
2026-07-09 21:20:07
(1 hour ago)
suspicious request in access.log
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-09 19:26:38
(3 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
directorioeducativo.com
2026-07-09 18:04:16
(5 hours ago)
GET URL: "/phpmyadmin2/"Agent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 ( ...
show more
GET URL: "/phpmyadmin2/"Agent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
show less
Web App Attack
๐จ๐ญ
backslash
2026-07-09 17:27:00
(5 hours ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-09 10:48:52
(12 hours ago)
(mod_security) mod_security (id:212620) triggered by 64.112.56.144 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:212620) triggered by 64.112.56.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 06:48:36.575274 2026] [security2:error] [pid 628:tid 628] [client 64.112.56.144:38015] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "3"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||thegoldentether.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /board/ucp.php?mode=register'\\x22><script>alert(68752)</script>&sid=e70e073346e3079003afcee2303c0fa8"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "thegoldentether.com"] [uri "/board/ucp.php"] [unique_id "ak98hCYs3YUNhrgTRufoqAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-09 07:57:03
(15 hours ago)
Sensitive Configuration File Disclosure.
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-09 05:39:46
(17 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.144 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 01:39:25.900101 2026] [security2:error] [pid 665025:tid 665025] [client 64.112.56.144:37757] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.nchsfootballgolfouting.com"] [uri "/.env"] [unique_id "ak80Ddg-4IqtExJHVfkvdgAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 05:06:56
(18 hours ago)
(mod_security) mod_security (id:211190) triggered by 64.112.56.144 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:211190) triggered by 64.112.56.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 01:06:13.527634 2026] [security2:error] [pid 28864:tid 28864] [client 64.112.56.144:56653] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||panierduvillage.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?option=com_gcalendar&controller=../../../../../etc/passwd%00"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "panierduvillage.com"] [uri "/index.php"] [unique_id "ak8sRRz9yyDFdovUoGP1UQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 04:18:48
(18 hours ago)
(mod_security) mod_security (id:211190) triggered by 64.112.56.144 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:211190) triggered by 64.112.56.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 00:18:18.574450 2026] [security2:error] [pid 28764:tid 28930] [client 64.112.56.144:43657] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.adultbaja.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?option=com_kif_nexus&controller=../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.adultbaja.com"] [uri "/index.php"] [unique_id "ak8hCvOvMKT8-UyubSD1NwAAAcc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
glaserceramics
2026-07-09 01:22:02
(21 hours ago)
GET /wp-admin/images/about.php via HTTP/1.1 - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_ ...
show more
GET /wp-admin/images/about.php via HTTP/1.1 - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 19:26:09
(1 day ago)
(mod_security) mod_security (id:220150) triggered by 64.112.56.144 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:220150) triggered by 64.112.56.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 15:26:01.058275 2026] [security2:error] [pid 7488:tid 7488] [client 64.112.56.144:60615] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.{0,399}\\\\*\\\\/)?select)" at ARGS:listingID. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5662"] [id "220150"] [rev "5"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||www.oualierealty.com|F|2"] [data "352')/**/and/**/1/**/like/**/2/**/union/**/all/**/select/**/null,null,null,null,null,null,null,null,null,null,null,null,'qscan_union_20_12',null,null,null,null,null,null,null--qscan"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.oualierealty.com"] [uri "/index.php"] [unique_id "ak6kSdv0VdK3Od0ntAxE9wAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-08 18:02:00
(1 day ago)
IPBlock protected site ID [4730-fr].
Exploit request, vulnerability probe.
Hacking
Bad Web Bot
Web App Attack
๐ซ๐ฎ
danskefilm.dk
2026-07-08 16:30:01
(1 day ago)
wordpress login attempts
Web App Attack