๐บ๐ธ
TPI-Abuse
2026-07-10 04:43:14
(8 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.178 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 00:42:52.105257 2026] [security2:error] [pid 30306:tid 30306] [client 64.112.57.178:56467] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.athletefirst.org"] [uri "/.env.production"] [unique_id "alB4TPDqwE0FplbyZY_jZQAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-10 00:53:23
(12 hours ago)
"GET /wp-includes/SimplePie/about.php HTTP/1.1"
Hacking
Web App Attack
๐ง๐ช
voormedia
2026-07-09 23:40:09
(14 hours ago)
Accessed trap at '/.env'
Web App Attack
Anonymous
2026-07-09 21:20:05
(16 hours ago)
suspicious request in access.log
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-09 20:28:10
(17 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24
Exploited Host
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-09 17:58:00
(19 hours ago)
IPBlock protected site ID [4055-d][s=06].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 09:55:54
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.178 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 05:55:38.335728 2026] [security2:error] [pid 17185:tid 17268] [client 64.112.57.178:49723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.aapm.info"] [uri "/.env.stage"] [unique_id "ak9wGp4FaY_COxl3XlSYnQAAAZE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-09 07:57:03
(1 day ago)
Sensitive Configuration File Disclosure.
Hacking
๐ฉ๐ช
conseilgouz
2026-07-09 06:34:57
(1 day ago)
ece-12 : Block return, carriage return, ... characters=>/media/system/js/multiselect.min.js?b135d0=& ...
show more
ece-12 : Block return, carriage return, ... characters=>/media/system/js/multiselect.min.js?b135d0='(')
show less
Hacking
๐ณ๐ฑ
Mangelot Hosting
2026-07-09 01:14:02
(1 day ago)
(db_admin_scan) srv102 DB admin scan 64.112.57.178 (US/United States/-): 1 in the last 3600 secs; Po ...
show more
(db_admin_scan) srv102 DB admin scan 64.112.57.178 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 00:30:43
(1 day ago)
(mod_security) mod_security (id:212620) triggered by 64.112.57.178 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:212620) triggered by 64.112.57.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 20:30:27.935582 2026] [security2:error] [pid 3173:tid 3173] [client 64.112.57.178:42195] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "3"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||thegoldentether.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /board/search.php?author_id=9912&sr=posts&sid=cf9d029578c1e33c408862b3a75db84e'\\x22><script>alert(68752)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "thegoldentether.com"] [uri "/board/search.php"] [unique_id "ak7rozemwbl_LgfBLPdRQwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
polycoda
2026-07-08 23:43:22
(1 day ago)
๐ฅถ Part of a DDoS attack wave
DDoS Attack
๐จ๐ฆ
polycoda
2026-07-08 21:48:26
(1 day ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 19:25:43
(1 day ago)
(mod_security) mod_security (id:220150) triggered by 64.112.57.178 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:220150) triggered by 64.112.57.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 15:25:25.605920 2026] [security2:error] [pid 7488:tid 7488] [client 64.112.57.178:55955] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\*.{0,399}\\\\*\\\\/)?select)" at ARGS:listingID. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5662"] [id "220150"] [rev "5"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)||www.oualierealty.com|F|2"] [data "352'/**/union/**/all/**/select/**/null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,'qscan_union_20_16',null,null,null--qscan"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.oualierealty.com"] [uri "/index.php"] [unique_id "ak6kJdv0VdK3Od0ntAxE9QAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack