๐จ๐ฆ
SSH-Admin
2026-07-10 04:00:04
(3 hours ago)
Probing for Exploits on ns200
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 02:44:03
(4 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.186 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.186 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 22:43:44.011695 2026] [security2:error] [pid 21057:tid 21057] [client 64.112.57.186:60427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.10bestcountryclubs.com"] [uri "/.env.stage"] [unique_id "alBcYL4qvrQUv8ONMHz50gAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-09 22:37:04
(8 hours ago)
IKE Enforcement Violation.
Hacking
๐จ๐ฆ
SSH-Admin
2026-07-09 21:41:38
(9 hours ago)
Probing for Exploits on ns153
Exploited Host
Web App Attack
Anonymous
2026-07-09 21:20:05
(10 hours ago)
suspicious request in access.log
Web App Attack
๐จ๐ญ
backslash
2026-07-09 17:27:01
(13 hours ago)
block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-09 17:14:21
(14 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.186 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.186 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 13:13:59.420095 2026] [security2:error] [pid 11876:tid 11876] [client 64.112.57.186:45041] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iclog.us"] [uri "/.env.prod"] [unique_id "ak_W14yvwKIf8m0KjU-3zQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Aetherweb Ark
2026-07-09 17:01:36
(14 hours ago)
(mod_security) mod_security (id:949110) triggered by 64.112.57.186 (US/United States/-): N in the la ...
show more
(mod_security) mod_security (id:949110) triggered by 64.112.57.186 (US/United States/-): N in the last X secs
show less
Web App Attack
๐ซ๐ท
mikekarl
2026-07-09 16:40:20
(14 hours ago)
SQL INJECTION portal_company_order_search''
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-07-09 15:25:22
(15 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.186 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.186 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 11:24:55.473788 2026] [security2:error] [pid 2469:tid 2469] [client 64.112.57.186:36575] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.albertmassaad.com"] [uri "/.env.live"] [unique_id "ak-9RwLbWhwXc2A2FVkokAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2026-07-09 14:57:14
(16 hours ago)
IM360 WAF: Interaction with fake plugin MV:/wp-content/plugins/pwnd/pwnd.php
Web App Attack
๐ฑ๐ป
garmtech.com
2026-07-09 14:57:14
(16 hours ago)
IM360 WAF: Direct access to sensitive file or dotfile MV:/.env
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-09 09:24:00
(21 hours ago)
IPBlock protected site ID [4055-d][s=07].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 05:08:36
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.186 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.186 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 01:08:14.430244 2026] [security2:error] [pid 629193:tid 629193] [client 64.112.57.186:54243] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coffeewitheinstein.com"] [uri "/.env.bak"] [unique_id "ak8svnwefmzH5SW_JjDXyQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 01:52:13
(1 day ago)
(mod_security) mod_security (id:212620) triggered by 64.112.57.186 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:212620) triggered by 64.112.57.186 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 21:51:59.982377 2026] [security2:error] [pid 7390:tid 7390] [client 64.112.57.186:40331] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||old.renju.net|F|2"] [data "Matched Data: <script found within REQUEST_URI: /media/showgame.php?game_id=96177&game_no=17'\\x22><script>alert(68752)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "old.renju.net"] [uri "/media/showgame.php"] [unique_id "ak7-v9kcDKX_ZTtsmi1D8AAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack