Anonymous
2026-07-09 22:37:04
(2 hours ago)
Web Server Enforcement Violation.
Hacking
๐จ๐ฆ
SSH-Admin
2026-07-09 21:41:35
(2 hours ago)
Probing for Exploits on ns153
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 20:14:33
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.174 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 16:14:15.406418 2026] [security2:error] [pid 31645:tid 31645] [client 64.112.57.174:58221] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.athletefirst.org"] [uri "/.env.prod"] [unique_id "alABF_WscWdzDC7r-AC8BwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 17:14:20
(7 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.174 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 13:13:59.620660 2026] [security2:error] [pid 11876:tid 11876] [client 64.112.57.174:36731] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iclog.us"] [uri "/.env"] [unique_id "ak_W14yvwKIf8m0KjU-3zwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 15:25:20
(9 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.174 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 11:24:55.477674 2026] [security2:error] [pid 5145:tid 5145] [client 64.112.57.174:38223] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.albertmassaad.com"] [uri "/.env.production.local"] [unique_id "ak-9RxqnTM4luuzkVOzFSQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 10:49:00
(13 hours ago)
(mod_security) mod_security (id:212620) triggered by 64.112.57.174 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:212620) triggered by 64.112.57.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 06:48:44.760079 2026] [security2:error] [pid 1835:tid 1835] [client 64.112.57.174:55723] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "3"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||thegoldentether.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /board/viewtopic.php?p=153106'\\x22><script>alert(68752)</script>&sid=e70e073346e3079003afcee2303c0fa8"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "thegoldentether.com"] [uri "/board/viewtopic.php"] [unique_id "ak98jE652hcxf8Mh97X1NgAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-09 10:16:00
(14 hours ago)
IPBlock protected site ID [4055-d][s=07].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 07:17:49
(17 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.174 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 03:17:30.644398 2026] [security2:error] [pid 818644:tid 818644] [client 64.112.57.174:45551] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "psdinnersready.com"] [uri "/.env.development.local"] [unique_id "ak9LCojU440JDIn1mi2BJAAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 04:18:37
(20 hours ago)
(mod_security) mod_security (id:211190) triggered by 64.112.57.174 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:211190) triggered by 64.112.57.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 00:18:16.340482 2026] [security2:error] [pid 28764:tid 28933] [client 64.112.57.174:57071] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.adultbaja.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?option=com_abbrev&controller=../../../../../../../../../../etc/passwd%00"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.adultbaja.com"] [uri "/index.php"] [unique_id "ak8hCPOvMKT8-UyubSD1LQAAAco"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
polycoda
2026-07-08 23:43:15
(1 day ago)
๐ฅถ Part of a DDoS attack wave
DDoS Attack
๐จ๐ฆ
polycoda
2026-07-08 21:48:26
(1 day ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack
๐ท๐บ
OK
2026-07-08 17:06:39
(1 day ago)
HTTP/HTTPS
Hacking
Web App Attack