๐บ๐ธ
TPI-Abuse
2026-07-11 10:18:39
(1 hour ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.161 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 06:18:18.306100 2026] [security2:error] [pid 4732:tid 4732] [client 64.112.57.161:53099] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.aupapierjaponais.com"] [uri "/.env.production.local"] [unique_id "alIYanjVZ1O22iJe5mfd0QAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
mikekarl
2026-07-11 08:08:43
(4 hours ago)
SQL INJECTION transfer_send_form''
SQL Injection
๐ฎ๐ช
Coolnagour
2026-07-11 05:57:58
(6 hours ago)
http-probing: /sitemap.xml
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-10 11:50:00
(1 day ago)
IPBlock protected site ID [4055-d][s=07].
Persistent 404, vulnerability scanner
Hacking
Bad Web Bot
Web App Attack
๐ซ๐ท
mikekarl
2026-07-10 06:47:26
(1 day ago)
SQL INJECTION transfer_send_form''
SQL Injection
๐บ๐ธ
Rayulcifer
2026-07-10 01:52:24
(1 day ago)
64.112.57.161 - - [09/Jul/2026:20:52:15 -0500] "GET /.env.live HTTP/2.0" 403 488 "-" "Mozilla/5.0 (M ...
show more
64.112.57.161 - - [09/Jul/2026:20:52:15 -0500] "GET /.env.live HTTP/2.0" 403 488 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
...
show less
Open Proxy
Port Scan
Hacking
Web App Attack
SSH
๐บ๐ธ
TPI-Abuse
2026-07-10 00:42:54
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.161 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 20:42:36.973550 2026] [security2:error] [pid 14834:tid 14857] [client 64.112.57.161:47199] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seips.org"] [uri "/.env.dev"] [unique_id "alA__DEI6SmaEyunY4c5XQAAARM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-10 00:05:06
(1 day ago)
suspicious request in access.log
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 21:57:31
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.161 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 17:57:09.886454 2026] [security2:error] [pid 15366:tid 15366] [client 64.112.57.161:35187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "wryemusings.com"] [uri "/.env.prod.local"] [unique_id "alAZNdVuy6azr8gi--YKqAAAACw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 15:25:20
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.161 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 11:24:55.480516 2026] [security2:error] [pid 7956:tid 7956] [client 64.112.57.161:36077] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.albertmassaad.com"] [uri "/.env.development.local"] [unique_id "ak-9RzqcdnEZmuH98L_zBQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 13:14:25
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.161 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 09:14:18.150548 2026] [security2:error] [pid 27432:tid 27432] [client 64.112.57.161:51249] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.mathewsdental.com"] [uri "/.env.bak"] [unique_id "ak-eqp-Zh9XL90jE4jQMTwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
OK
2026-07-09 10:45:22
(2 days ago)
HTTP/HTTPS
Hacking
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-09 10:16:00
(2 days ago)
IPBlock protected site ID [4055-d][s=02].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 06:14:58
(2 days ago)
(mod_security) mod_security (id:212620) triggered by 64.112.57.161 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:212620) triggered by 64.112.57.161 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 02:14:43.112490 2026] [security2:error] [pid 27343:tid 27472] [client 64.112.57.161:40943] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||uoexpanse.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /forums/feed.php?f=6'\\x22><script>alert(68752)</script>&t=1229"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "uoexpanse.com"] [uri "/forums/feed.php"] [unique_id "ak88U-ATwZQksAtg9SYtOAAAAos"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
polycoda
2026-07-08 23:42:37
(2 days ago)
๐ฅถ Part of a DDoS attack wave
DDoS Attack