๐ต๐ฑ
sefinek.net
2026-07-09 20:03:36
(6 hours ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/2 (GET ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/2 (GET) | Endpoint: / | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36 โข Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-09 15:25:17
(10 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.192 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 11:24:55.482834 2026] [security2:error] [pid 31095:tid 31095] [client 64.112.57.192:36519] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.albertmassaad.com"] [uri "/.env.local"] [unique_id "ak-9RwMXWOhQZ2EZtAIHXgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-09 13:47:00
(12 hours ago)
IPBlock protected site ID [4055-d][s=01].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 10:49:06
(15 hours ago)
(mod_security) mod_security (id:212620) triggered by 64.112.57.192 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:212620) triggered by 64.112.57.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 06:48:57.959141 2026] [security2:error] [pid 1834:tid 1834] [client 64.112.57.192:48909] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "3"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||thegoldentether.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /board/assets/javascript/jquery-3.7.1.min.js?assets_version=25'\\x22><script>alert(68752)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "thegoldentether.com"] [uri "/board/assets/javascript/jquery-3.7.1.min.js"] [unique_id "ak98mTND6jxk2g9WM4Q4EAAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-07-09 08:27:07
(17 hours ago)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 08:19:09
(17 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.192 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 04:18:51.793712 2026] [security2:error] [pid 30143:tid 30143] [client 64.112.57.192:45909] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mrbaystreet.com"] [uri "/.env.development.local"] [unique_id "ak9Zaw6Q8U5ghR8vF5qD2wAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-09 07:57:03
(18 hours ago)
Sensitive Configuration File Disclosure.
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-09 06:15:18
(19 hours ago)
(mod_security) mod_security (id:212620) triggered by 64.112.57.192 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:212620) triggered by 64.112.57.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 02:15:02.412284 2026] [security2:error] [pid 27342:tid 27447] [client 64.112.57.192:51179] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||uoexpanse.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /forums/feed.php?mode=topics'\\x22><script>alert(68752)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "uoexpanse.com"] [uri "/forums/feed.php"] [unique_id "ak88ZlrUyrDvaTxKb_biTQAAAk0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 05:08:34
(21 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.192 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 01:08:14.442726 2026] [security2:error] [pid 620971:tid 620971] [client 64.112.57.192:56989] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "coffeewitheinstein.com"] [uri "/.env.production"] [unique_id "ak8svkXwxytOG6-Kgpk64gAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 03:41:33
(22 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.192 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 23:41:23.074682 2026] [security2:error] [pid 812:tid 812] [client 64.112.57.192:47521] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "old.renju.net"] [uri "/.env.dev"] [unique_id "ak8YYwsSIS0pzellfhrULAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Starburst SysOp Team
2026-07-09 02:22:42
(23 hours ago)
(mod_security-custom) mod_security (id:212620) triggered by 64.112.57.192 (US/United States/New Jers ...
show more
(mod_security-custom) mod_security (id:212620) triggered by 64.112.57.192 (US/United States/New Jersey/Piscataway/-/[AS6079 RCN-AS]): 1 in the last 3600 secs (0-srv1)
show less
Hacking
๐บ๐ธ
glaserceramics
2026-07-09 01:22:02
(1 day ago)
GET /wp-content/plugins/index.php via HTTP/1.1 - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X ...
show more
GET /wp-content/plugins/index.php via HTTP/1.1 - User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/136.0.0.0 Safari/537.36
show less
Web App Attack
๐จ๐ฆ
polycoda
2026-07-08 23:43:57
(1 day ago)
๐ฅถ Part of a DDoS attack wave
DDoS Attack
๐จ๐ฆ
polycoda
2026-07-08 21:48:26
(1 day ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack