Anonymous
2026-07-14 06:05:13
(13 hours ago)
Blocked: Reason='Vulnerability probing β PHP scan detected (16/60 min)'; Requests=16
Port Scan
π©πͺ
BlueWire Hosting
2026-07-14 06:00:54
(13 hours ago)
Bad bot ignoring robot.txt
Bad Web Bot
π³π±
Mangelot Hosting
2026-07-14 05:44:42
(13 hours ago)
(modsecurity) srv104 ModSecurity 107.149.152.201 (BR/Brazil/-): 10 in the last 3600 secs; Ports: *; ...
show more
(modsecurity) srv104 ModSecurity 107.149.152.201 (BR/Brazil/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-14 04:34:24
(14 hours ago)
(mod_security) mod_security (id:210350) triggered by 107.149.152.201 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 107.149.152.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 00:34:20.343300 2026] [security2:error] [pid 32492:tid 32492] [client 107.149.152.201:28183] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.abeltours.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.abeltours.com"] [uri "/plugins/content/apismtp/apismtp.php"] [unique_id "alW8TOSCKcFBveNFjC8LVAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π§πͺ
taivas.nl
2026-07-14 04:32:19
(14 hours ago)
Many_bad_calls
Web App Attack
π©πͺ
psauxit
2026-07-14 04:27:13
(14 hours ago)
Fail2Ban - NGINX heavily bad-bot, possible vulnerability scanning and excessive crawling/scraping
Bad Web Bot
Web App Attack
Hacking
Web Spam
πΊπΈ
technojoe99
2026-07-14 02:04:32
(17 hours ago)
Exploit scan from 107.149.152.201. POST /wp-plain.php HTTP/1.1.
Web App Attack
π©πͺ
LRob
2026-07-14 01:29:29
(17 hours ago)
CrowdSec: crowdsecurity/http-bad-user-agent | req: /wp-content/themes/seotheme/db.php?u | 2 distinct ...
show more
CrowdSec: crowdsecurity/http-bad-user-agent | req: /wp-content/themes/seotheme/db.php?u | 2 distinct paths | UA: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.
show less
Bad Web Bot
π³π±
Savvii
2026-07-13 23:30:58
(19 hours ago)
15 attempts against mh-modsecurity-ban on pf221107
Brute-Force
Web App Attack
π§πͺ
taivas.nl
2026-07-13 22:32:02
(20 hours ago)
Wordpress_Attack
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-13 21:41:03
(21 hours ago)
(mod_security) mod_security (id:210350) triggered by 107.149.152.201 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 107.149.152.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 17:40:57.734643 2026] [security2:error] [pid 17979:tid 18005] [client 107.149.152.201:47401] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.nordicatrio.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.nordicatrio.com"] [uri "/plugins/content/apismtp/apismtp.php"] [unique_id "alVbaaFpe1nUrC2BKoJ5CgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-13 20:11:39
(22 hours ago)
(mod_security) mod_security (id:210350) triggered by 107.149.152.201 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210350) triggered by 107.149.152.201 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 16:11:34.845366 2026] [security2:error] [pid 28113:tid 28113] [client 107.149.152.201:32373] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||astglobaltech.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "astglobaltech.com"] [uri "/plugins/content/apismtp/apismtp.php"] [unique_id "alVGdnV60xI3zy5jmFg6ZQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π§πͺ
cmbplf
2026-07-13 19:37:32
(23 hours ago)
395 requests with url.path *.alfa
164 requests with url.path */wp-plain.php
Brute-Force
Bad Web Bot
π«π·
dynamix
2026-07-13 18:22:38
(1 day ago)
Multiple WAF Violations
Web App Attack
π©πͺ
nyt
2026-07-13 17:56:16
(1 day ago)
Non-standard WP File, POST to Unknown PHP
Web App Attack