๐บ๐ฆ
URAN Publishing Service
2026-07-11 21:23:17
(1 day ago)
64.112.57.168 - - [12/Jul/2026:00:23:17 +0300] "GET /.env HTTP/1.1" 404 3278 "-" "Mozilla/5.0 (Macin ...
show more
64.112.57.168 - - [12/Jul/2026:00:23:17 +0300] "GET /.env HTTP/1.1" 404 3278 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-07-11 20:07:22
(1 day ago)
64.112.57.168 - - [11/Jul/2026:22:58:33 +0300] "GET /wp-includes/css/buttons.css HTTP/1.1" 404 4670 ...
show more
64.112.57.168 - - [11/Jul/2026:22:58:33 +0300] "GET /wp-includes/css/buttons.css HTTP/1.1" 404 4670 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
64.112.57.168 - - [11/Jul/2026:23:07:21 +0300] "GET /wp-includes/Requests/about.php HTTP/1.1" 404 4667 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐ซ๐ท
conseilgouz
2026-07-11 18:58:48
(1 day ago)
loe-11 : Block illegal characters=>/?format=json%3Cscr%3Cscript%3Eipt%3Ealert(qsxss9k7z)%3C/scr%3C/s ...
show more
loe-11 : Block illegal characters=>/?format=json%3Cscr%3Cscript%3Eipt%3Ealert(qsxss9k7z)%3C/scr%3C/script%3Eipt%3E(alert(alert)
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-11 10:18:38
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.168 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 06:18:18.287285 2026] [security2:error] [pid 7472:tid 7472] [client 64.112.57.168:55083] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.aupapierjaponais.com"] [uri "/.env.local"] [unique_id "alIYah7PzwO5hFF21GqPmgAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-10 18:56:00
(2 days ago)
IPBlock protected site ID [4055-d][s=06].
Persistent 404, vulnerability scanner
Hacking
Bad Web Bot
Web App Attack
Anonymous
2026-07-10 16:10:32
(2 days ago)
[10/Jul/2026:19:10:28 +0300] 178369982863.297682 64.112.57.168 33081 148.251.76.218 443
[10/Jul/2026 ...
show more
[10/Jul/2026:19:10:28 +0300] 178369982863.297682 64.112.57.168 33081 148.251.76.218 443
[10/Jul/2026:19:10:31 +0300] 178369983167.021463 64.112.57.168 33081 148.251.76.218 443
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 00:42:59
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.168 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 20:42:36.969662 2026] [security2:error] [pid 14834:tid 14843] [client 64.112.57.168:38767] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "seips.org"] [uri "/.env.production"] [unique_id "alA__DEI6SmaEyunY4c5XAAAAQU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
EGP Abuse Dept
2026-07-10 00:37:46
(3 days ago)
Scanning for web/db/file exploits on www.winkelspiegel.com
SQL Injection
Bad Web Bot
Web App Attack
Anonymous
2026-07-09 23:06:01
(3 days ago)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 20:14:39
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.168 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 16:14:15.444422 2026] [security2:error] [pid 3860:tid 3860] [client 64.112.57.168:44825] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.athletefirst.org"] [uri "/.env"] [unique_id "alABF27Gu23Gs1k2k4T6qwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ต๐ฑ
sefinek.net
2026-07-09 19:18:23
(3 days ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/2 (GET ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/2 (GET) | Endpoint: / | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐จ๐ญ
backslash
2026-07-09 18:57:01
(3 days ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-09 18:12:29
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.168 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 14:12:09.539365 2026] [security2:error] [pid 1952839:tid 1952839] [client 64.112.57.168:33301] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "psdinnersready.com"] [uri "/.env.bak"] [unique_id "ak_keUOwl5erYA86J41KqQAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 15:25:18
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.168 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 11:24:55.474752 2026] [security2:error] [pid 7291:tid 7291] [client 64.112.57.168:50051] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.albertmassaad.com"] [uri "/.env.prod.local"] [unique_id "ak-9R5pZAEbnaJSulKiQWAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-09 05:55:00
(4 days ago)
IPBlock protected site ID [4055-d][s=02].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack