๐บ๐ธ
TPI-Abuse
2026-07-10 04:43:18
(58 minutes ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.147 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 00:42:54.851656 2026] [security2:error] [pid 25234:tid 25234] [client 64.112.56.147:34201] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.athletefirst.org"] [uri "/.env.stage"] [unique_id "alB4TjPwHEf6rk7v5Q-hAQAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ด
jad-abuse
2026-07-09 19:48:41
(9 hours ago)
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe ...
show more
ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe. Observed by 1 sensor(s); 1 hits.
show less
Web App Attack
๐บ๐ธ
directorioeducativo.com
2026-07-09 18:04:13
(11 hours ago)
GET URL: "/.env.development.local"Agent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKi ...
show more
GET URL: "/.env.development.local"Agent: "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
show less
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-09 13:47:00
(15 hours ago)
IPBlock protected site ID [4055-d][s=03].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
Anonymous
2026-07-09 09:10:12
(20 hours ago)
suspicious request in access.log
Web App Attack
๐ฉ๐ช
conseilgouz
2026-07-09 06:34:51
(23 hours ago)
ece-12 : Block return, carriage return, ... characters=>/media/astroid/js/offcanvas.min.js?db73ed=&# ...
show more
ece-12 : Block return, carriage return, ... characters=>/media/astroid/js/offcanvas.min.js?db73ed='(')
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-09 05:39:49
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.147 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 01:39:25.897822 2026] [security2:error] [pid 675415:tid 675415] [client 64.112.56.147:49021] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.nchsfootballgolfouting.com"] [uri "/.env.dev.local"] [unique_id "ak80Dewdoult3kVviUUtsQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 04:35:54
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.147 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 00:35:39.490612 2026] [security2:error] [pid 28100:tid 28100] [client 64.112.56.147:57303] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "easternimport.com"] [uri "/.env"] [unique_id "ak8lGyqcj_SyyALsCw5SLAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 01:04:20
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.147 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 21:03:54.300003 2026] [security2:error] [pid 12824:tid 12824] [client 64.112.56.147:36359] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hanabritgermanshepherds.com"] [uri "/.env.production.local"] [unique_id "ak7zelXFsAjNt2z3_yEGQgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-08 23:36:27
(1 day ago)
Application Servers Protection Violation.
Hacking
๐จ๐ฆ
polycoda
2026-07-08 21:48:26
(1 day ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 19:26:17
(1 day ago)
(mod_security) mod_security (id:220150) triggered by 64.112.56.147 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:220150) triggered by 64.112.56.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 15:26:00.651846 2026] [security2:error] [pid 7459:tid 7459] [client 64.112.56.147:33123] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.{0,399}\\\\*\\\\/)?select)" at ARGS:listingID. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5662"] [id "220150"] [rev "5"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||www.oualierealty.com|F|2"] [data "352')/**/and/**/1/**/like/**/2/**/union/**/all/**/select/**/null,null,null,null,null,null,null,null,null,null,null,'qscan_union_20_11',null,null,null,null,null,null,null,null--qscan"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.oualierealty.com"] [uri "/index.php"] [unique_id "ak6kSJs_yahiYghhA4rszgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Oakley
2026-07-08 18:46:15
(1 day ago)
(antiscrape_rule) Web application abuse detected 64.112.56.147 (US/United States/-): 5 in the last 9 ...
show more
(antiscrape_rule) Web application abuse detected 64.112.56.147 (US/United States/-): 5 in the last 900 secs
show less
Hacking
๐ท๐บ
OK
2026-07-08 17:06:19
(1 day ago)
HTTP/HTTPS
Hacking
Web App Attack