๐ณ๐ฑ
Mangelot Hosting
2026-07-10 01:26:19
(5 hours ago)
(db_admin_scan) srv101 DB admin scan 64.112.56.40 (US/United States/-): 1 in the last 3600 secs; Por ...
show more
(db_admin_scan) srv101 DB admin scan 64.112.56.40 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-09 19:26:42
(11 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-09 17:58:00
(13 hours ago)
IPBlock protected site ID [4055-d][s=01].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐ซ๐ท
mikekarl
2026-07-09 16:44:17
(14 hours ago)
SQL INJECTION portal_company_order_search''
SQL Injection
๐จ๐ญ
backslash
2026-07-09 13:24:00
(17 hours ago)
Web App Attack
๐บ๐ธ
Starburst SysOp Team
2026-07-09 04:48:09
(1 day ago)
(mod_security-custom) mod_security (id:210492) triggered by 64.112.56.40 (US/United States/New Jerse ...
show more
(mod_security-custom) mod_security (id:210492) triggered by 64.112.56.40 (US/United States/New Jersey/Piscataway/-/[AS6079 RCN-AS]): 1 in the last 3600 secs (0-srv1)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-09 03:16:44
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.40 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 23:16:26.247071 2026] [security2:error] [pid 16891:tid 16891] [client 64.112.56.40:53347] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kountz.org"] [uri "/.env.production"] [unique_id "ak8SireD-nL-Phsnfi0WIgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 02:42:41
(1 day ago)
(mod_security) mod_security (id:212620) triggered by 64.112.56.40 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:212620) triggered by 64.112.56.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 22:42:23.977105 2026] [security2:error] [pid 430149:tid 430149] [client 64.112.56.40:59523] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||www.nchsfootballgolfouting.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /index.php?main_page=page'\\x22><script>alert(68752)</script>&id=7"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "www.nchsfootballgolfouting.com"] [uri "/index.php"] [unique_id "ak8Kj_yfqEyY8ckDNIQE8QAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 01:14:41
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.40 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 21:14:24.371098 2026] [security2:error] [pid 26606:tid 26606] [client 64.112.56.40:33693] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thegoldentether.com"] [uri "/.env.prod"] [unique_id "ak718FiEEhwOrrJ4q9ENdwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 00:34:31
(1 day ago)
(mod_security) mod_security (id:212620) triggered by 64.112.56.40 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:212620) triggered by 64.112.56.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 20:34:14.205420 2026] [security2:error] [pid 6514:tid 6514] [client 64.112.56.40:48103] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||verenacastle.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /g12cartcontents.php?fromwhere=g12generic.php&fromwhat=itemdetail&itemid=100'\\x22><script>alert(68752)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "verenacastle.com"] [uri "/g12cartcontents.php"] [unique_id "ak7shiSlGwD2CdCin94AKQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
polycoda
2026-07-08 21:48:26
(1 day ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack