๐ซ๐ท
conseilgouz
2026-07-10 11:41:18
(8 hours ago)
hae-12 : Block return, carriage return, ... characters=>/media/system/js/core.min.js?a3d8f8='(' ...
show more
hae-12 : Block return, carriage return, ... characters=>/media/system/js/core.min.js?a3d8f8='(')
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-10 00:04:34
(20 hours ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.195 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 20:04:17.603957 2026] [security2:error] [pid 18029:tid 18029] [client 64.112.57.195:60529] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thegoldentether.com"] [uri "/.env"] [unique_id "alA3AZTwgGWqvCgmEMATlAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
FeG Deutschland
2026-07-09 20:28:39
(23 hours ago)
Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124
Exploited Host
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-09 20:15:00
(1 day ago)
IPBlock protected site ID [4055-d][s=03].
Persistent 404, vulnerability scanner
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 11:09:52
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.195 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 07:09:29.665217 2026] [security2:error] [pid 19110:tid 19110] [client 64.112.57.195:53065] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.albertmassaad.com"] [uri "/.env.production"] [unique_id "ak-BaeEJGZ9pQNwf7XjcXQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-07-09 08:27:06
(1 day ago)
Web App Attack
๐ฉ๐ช
conseilgouz
2026-07-09 06:34:49
(1 day ago)
ece-12 : Block return, carriage return, ... characters=>/plugins/content/up/actions/anim_aos/aos.js? ...
show more
ece-12 : Block return, carriage return, ... characters=>/plugins/content/up/actions/anim_aos/aos.js?db73ed='(')
show less
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-09 06:14:41
(1 day ago)
(mod_security) mod_security (id:212620) triggered by 64.112.57.195 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:212620) triggered by 64.112.57.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 02:14:24.160385 2026] [security2:error] [pid 27341:tid 27427] [client 64.112.57.195:47161] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack||uoexpanse.com|F|2"] [data "Matched Data: <script found within REQUEST_URI: /forums/posting.php?mode=quote'\\x22><script>alert(68752)</script>&f=6&p=4156&sid=50affb173e0fedf4fd91d6ef2d80a5c4"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "uoexpanse.com"] [uri "/forums/posting.php"] [unique_id "ak88QMZkqJtdB0QhKm7xjgAAAhQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 05:07:05
(1 day ago)
(mod_security) mod_security (id:211190) triggered by 64.112.57.195 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:211190) triggered by 64.112.57.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 01:06:14.241377 2026] [security2:error] [pid 25299:tid 25299] [client 64.112.57.195:35923] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||panierduvillage.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /components/com_moofaq/includes/file_includer.php?gzip=0&file=/../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "panierduvillage.com"] [uri "/components/com_moofaq/includes/file_includer.php"] [unique_id "ak8sRiyDEI82BntXlZKpgAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 03:41:35
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.195 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 23:41:23.075927 2026] [security2:error] [pid 25536:tid 25536] [client 64.112.57.195:40315] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "old.renju.net"] [uri "/.env.prod.local"] [unique_id "ak8YY0jry_CkqQ0vWJBG9gAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 03:16:44
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.195 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 23:16:26.010312 2026] [security2:error] [pid 17342:tid 17342] [client 64.112.57.195:36661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kountz.org"] [uri "/.env.development.local"] [unique_id "ak8SiuEVWTcUSHtDEOvnagAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 01:29:09
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.195 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 21:29:04.263185 2026] [security2:error] [pid 246994:tid 246994] [client 64.112.57.195:48305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kingscruff.com"] [uri "/.env.dev.local"] [unique_id "ak75YCtAuz7DfWcHzT49xQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
polycoda
2026-07-08 23:44:12
(1 day ago)
๐ฅถ Part of a DDoS attack wave
DDoS Attack
๐จ๐ฆ
polycoda
2026-07-08 21:48:26
(1 day ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 17:32:11
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 64.112.57.195 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 64.112.57.195 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 13:31:51.778280 2026] [security2:error] [pid 19603:tid 19603] [client 64.112.57.195:41211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caferutadelaseda.com"] [uri "/.env.prod"] [unique_id "ak6Jh3SZa4P3Vp2MCNtwVQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack