๐ซ๐ท
conseilgouz
2026-07-11 08:22:20
(2 hours ago)
joe-12 : Block return, carriage return, ... characters=>/joomla/telechargements/157-joomla-6/164-6-1 ...
show more
joe-12 : Block return, carriage return, ... characters=>/joomla/telechargements/157-joomla-6/164-6-1/167-6-1-2.html?download=703:fichier-complet-dinstallation-de-joomla-6-1-2-fr'(')
show less
Hacking
๐ซ๐ท
COMAITE
2026-07-11 08:04:45
(3 hours ago)
SQL injection attempt from 64.112.56.54.
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-10 11:50:00
(23 hours ago)
IPBlock protected site ID [4055-d][s=03].
Persistent 404, vulnerability scanner
Hacking
Bad Web Bot
Web App Attack
Anonymous
2026-07-10 08:04:00
(1 day ago)
Brute-Force
Web App Attack
SSH
Hacking
๐ซ๐ท
mikekarl
2026-07-10 06:47:17
(1 day ago)
SQL INJECTION booking_2_kiosk''
SQL Injection
Anonymous
2026-07-09 22:30:04
(1 day ago)
suspicious request in access.log
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 20:14:31
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.56.54 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.56.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 16:14:15.710245 2026] [security2:error] [pid 2683:tid 2683] [client 64.112.56.54:53549] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.athletefirst.org"] [uri "/.env.local"] [unique_id "alABF-ecJ3lgd6ikGtoAIAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-09 09:24:00
(2 days ago)
IPBlock protected site ID [4055-d][s=02].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐ท๐บ
OK
2026-07-09 08:47:17
(2 days ago)
HTTP/HTTPS
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 02:42:40
(2 days ago)
(mod_security) mod_security (id:212620) triggered by 64.112.56.54 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:212620) triggered by 64.112.56.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 22:42:23.969970 2026] [security2:error] [pid 428833:tid 428833] [client 64.112.56.54:34507] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||www.nchsfootballgolfouting.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /index.php?main_page=page&id=7'\\x22><script>alert(68752)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "www.nchsfootballgolfouting.com"] [uri "/index.php"] [unique_id "ak8Kj2bcjnKVhaOXHDscpgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Mangelot Hosting
2026-07-09 01:31:17
(2 days ago)
(db_admin_scan) srv102 DB admin scan 64.112.56.54 (US/United States/-): 1 in the last 3600 secs; Por ...
show more
(db_admin_scan) srv102 DB admin scan 64.112.56.54 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐บ๐ธ
glaserceramics
2026-07-09 01:22:02
(2 days ago)
GET /wp-includes/Requests/about.php via HTTP/1.1 - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS ...
show more
GET /wp-includes/Requests/about.php via HTTP/1.1 - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
show less
Web App Attack
๐จ๐ฆ
polycoda
2026-07-08 23:41:22
(2 days ago)
๐ฅถ Part of a DDoS attack wave
DDoS Attack
๐จ๐ฆ
polycoda
2026-07-08 21:48:26
(2 days ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 19:22:38
(2 days ago)
(mod_security) mod_security (id:220150) triggered by 64.112.56.54 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:220150) triggered by 64.112.56.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 15:22:22.812786 2026] [security2:error] [pid 4717:tid 4717] [client 64.112.56.54:43629] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.{0,399}\\\\*\\\\/)?select)" at ARGS:listingID. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5662"] [id "220150"] [rev "5"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||www.oualierealty.com|F|2"] [data "352')/**/union/**/select/**/null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,'qscan_union_20_17',null,null--qscan"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.oualierealty.com"] [uri "/index.php"] [unique_id "ak6jbld-VMqkNy4HuEJGhgAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack