|
๐ฆ๐ฒ
5.77.135.60
|
|
(mod_security) mod_security (id:240335) triggered by 5.77.135.60 (host-60.135.77.5.ucom.am): 1 in th ...
show more
(mod_security) mod_security (id:240335) triggered by 5.77.135.60 (host-60.135.77.5.ucom.am): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:25:00.753586 2026] [security2:error] [pid 7042:tid 7042] [client 5.77.135.60:56598] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.77.135.60 (+1 hits since last alert)|ucommsi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ucommsi.com"] [uri "/xmlrpc.php"] [unique_id "alZUzNL9VUIeIFaf-SHEAAAAAAQ"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐ฟ๐ฆ
102.219.24.200
|
|
(mod_security) mod_security (id:240335) triggered by 102.219.24.200 (102-219-24-200.vox.co.za): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 102.219.24.200 (102-219-24-200.vox.co.za): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:24:57.330833 2026] [security2:error] [pid 22152:tid 22152] [client 102.219.24.200:12325] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 102.219.24.200 (+1 hits since last alert)|magacine.tv|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "magacine.tv"] [uri "/xmlrpc.php"] [unique_id "alZUydtjsku2u4Jyl_QOuAAAABE"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐ฟ๐ฆ
196.39.18.248
|
|
(mod_security) mod_security (id:240335) triggered by 196.39.18.248 (196-39-18-248.ftth.web.africa): ...
show more
(mod_security) mod_security (id:240335) triggered by 196.39.18.248 (196-39-18-248.ftth.web.africa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:24:38.862666 2026] [security2:error] [pid 14693:tid 14693] [client 196.39.18.248:53470] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.39.18.248 (+1 hits since last alert)|primacomm.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "primacomm.com"] [uri "/xmlrpc.php"] [unique_id "alZUtm-oKd8M_Hp6fz030QAAAAE"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐จ๐ณ
119.248.158.65
|
|
(mod_security) mod_security (id:210831) triggered by 119.248.158.65 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 119.248.158.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:24:28.258253 2026] [security2:error] [pid 26188:tid 26188] [client 119.248.158.65:8462] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||amybeam.info|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "amybeam.info"] [uri "/"] [unique_id "alZUrMHJTZJ1L93oNLD58gAAABc"], referer: http://amybeam.info/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐ช๐ฌ
41.234.4.35
|
|
(mod_security) mod_security (id:240335) triggered by 41.234.4.35 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 41.234.4.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:24:12.570710 2026] [security2:error] [pid 26750:tid 26750] [client 41.234.4.35:59181] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.234.4.35 (+1 hits since last alert)|radicalchange.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "radicalchange.org"] [uri "/xmlrpc.php"] [unique_id "alZUnMoJQLdRJATvIli6dwAAAAY"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐ฎ๐ณ
2401:4900:8fe1:1ef0:89c6:9583:e7da:410d
|
|
(mod_security) mod_security (id:225170) triggered by 2401:4900:8fe1:1ef0:89c6:9583:e7da:410d (Unknow ...
show more
(mod_security) mod_security (id:225170) triggered by 2401:4900:8fe1:1ef0:89c6:9583:e7da:410d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:24:01.207630 2026] [security2:error] [pid 30717:tid 30717] [client 2401:4900:8fe1:1ef0:89c6:9583:e7da:410d:54740] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lovebuilds.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lovebuilds.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alZUkR837QhASZ468lfUYAAAAAs"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐ฉ๐ช
140.248.75.169
|
|
(mod_security) mod_security (id:210492) triggered by 140.248.75.169 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:24:01.486460 2026] [security2:error] [pid 1915:tid 1930] [client 140.248.75.169:46532] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lordennerdale.com"] [uri "/.git/config"] [unique_id "alZUkaR0BSp3exg1k7Nr1QAAAAs"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐ธ๐ช
157.52.122.24
|
|
(mod_security) mod_security (id:210492) triggered by 157.52.122.24 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.52.122.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:23:55.897730 2026] [security2:error] [pid 17430:tid 17430] [client 157.52.122.24:9478] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.coolray.net"] [uri "/.git/config"] [unique_id "alZUi0uYbHDCX4qRPBD2wAAAAAU"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐จ๐ด
190.159.39.57
|
|
(mod_security) mod_security (id:240335) triggered by 190.159.39.57 (dynamic-ip-1901593957.cable.net. ...
show more
(mod_security) mod_security (id:240335) triggered by 190.159.39.57 (dynamic-ip-1901593957.cable.net.co): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:23:53.874340 2026] [security2:error] [pid 24325:tid 24325] [client 190.159.39.57:51156] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 190.159.39.57 (+1 hits since last alert)|cosplayculture.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cosplayculture.com"] [uri "/xmlrpc.php"] [unique_id "alZUiWN6hFmtcSr2vLKfLwAAABI"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐ซ๐ท
62.4.29.74
|
|
(mod_security) mod_security (id:210492) triggered by 62.4.29.74 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210492) triggered by 62.4.29.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:23:45.203874 2026] [security2:error] [pid 4211:tid 4211] [client 62.4.29.74:57398] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drbbenefits.com"] [uri "/.git/config"] [unique_id "alZUgetg3j41VQdd7mdIzgAAAA4"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐จ๐ณ
223.88.227.196
|
|
(mod_security) mod_security (id:210831) triggered by 223.88.227.196 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 223.88.227.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:23:25.839276 2026] [security2:error] [pid 3505:tid 3505] [client 223.88.227.196:1279] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.herzlo.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.herzlo.com"] [uri "/"] [unique_id "alZUbeDKZSxt53yChUHiVwAAAAg"], referer: http://www.herzlo.com/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐บ๐ธ
34.23.159.50
|
|
(mod_security) mod_security (id:225170) triggered by 34.23.159.50 (50.159.23.34.bc.googleusercontent ...
show more
(mod_security) mod_security (id:225170) triggered by 34.23.159.50 (50.159.23.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:23:17.647284 2026] [security2:error] [pid 26468:tid 26468] [client 34.23.159.50:54359] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.nivotrol.innovacionesnimba.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.nivotrol.innovacionesnimba.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "alZUZSBUha26LJtTFWQDKAAAAA0"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐บ๐ธ
2a09:bac5:9441:3af::5e:78
|
|
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:9441:3af::5e:78 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac5:9441:3af::5e:78 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:23:10.998604 2026] [security2:error] [pid 11528:tid 11528] [client 2a09:bac5:9441:3af::5e:78:11598] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.schedlerbrennan.com"] [uri "/.env"] [unique_id "alZUXmEdcGrUiCrhlNTBjgAAAAc"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐ญ๐ฐ
42.201.192.14
|
|
(mod_security) mod_security (id:210350) triggered by 42.201.192.14 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210350) triggered by 42.201.192.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:23:06.019677 2026] [security2:error] [pid 7606:tid 7606] [client 42.201.192.14:50684] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||player-care.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "player-care.com"] [uri "/elect01.html"] [unique_id "alZUWqFREkdgtZ1_LcYQJwAAABA"], referer: https://player-care.com/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐บ๐ธ
34.26.135.193
|
|
(mod_security) mod_security (id:225170) triggered by 34.26.135.193 (193.135.26.34.bc.googleuserconte ...
show more
(mod_security) mod_security (id:225170) triggered by 34.26.135.193 (193.135.26.34.bc.googleusercontent.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:22:33.281441 2026] [security2:error] [pid 7879:tid 7879] [client 34.26.135.193:59763] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.dorismitchell.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.dorismitchell.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "alZUOaG6p1maoSf6f7aUrAAAAAU"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐บ๐ธ
12.89.212.166
|
|
(mod_security) mod_security (id:240335) triggered by 12.89.212.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 12.89.212.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:22:30.164392 2026] [security2:error] [pid 13762:tid 13762] [client 12.89.212.166:59959] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 12.89.212.166 (+1 hits since last alert)|comicpreservation.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "comicpreservation.com"] [uri "/xmlrpc.php"] [unique_id "alZUNmNlgdImXIbY--smjAAAAAE"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐ต๐ฐ
160.30.104.98
|
|
(mod_security) mod_security (id:240335) triggered by 160.30.104.98 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 160.30.104.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:22:21.815304 2026] [security2:error] [pid 12163:tid 12194] [client 160.30.104.98:62929] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 160.30.104.98 (+1 hits since last alert)|travelusa.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "travelusa.us"] [uri "/xmlrpc.php"] [unique_id "alZULYpJV3AxZ7HP2MN_FAAAAVg"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐ง๐ฉ
123.253.65.178
|
|
(mod_security) mod_security (id:240335) triggered by 123.253.65.178 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 123.253.65.178 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:22:18.033258 2026] [security2:error] [pid 7912:tid 7932] [client 123.253.65.178:60155] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 123.253.65.178 (+1 hits since last alert)|ccgparquitectos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ccgparquitectos.com"] [uri "/xmlrpc.php"] [unique_id "alZUKqh75MGMDtULKq4IgAAAAVI"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐บ๐ธ
98.82.201.68
|
|
(mod_security) mod_security (id:210831) triggered by 98.82.201.68 (ec2-98-82-201-68.compute-1.amazon ...
show more
(mod_security) mod_security (id:210831) triggered by 98.82.201.68 (ec2-98-82-201-68.compute-1.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:22:16.868165 2026] [security2:error] [pid 31817:tid 31817] [client 98.82.201.68:54132] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||mininomotorfix.com|F|4"] [data "Web Downloader"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "mininomotorfix.com"] [uri "/"] [unique_id "alZUKKvyqaSnzmuacGNggQAAABo"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐จ๐ฆ
54.39.0.167
|
|
(mod_security) mod_security (id:210730) triggered by 54.39.0.167 (proxy-ca004-san167.ahrefs.net): 1 ...
show more
(mod_security) mod_security (id:210730) triggered by 54.39.0.167 (proxy-ca004-san167.ahrefs.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:22:15.105278 2026] [security2:error] [pid 12742:tid 12742] [client 54.39.0.167:29404] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pharmaceuticalsalescertifications.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pharmaceuticalsalescertifications.com"] [uri "/hello-world/true-fortune-uk.com"] [unique_id "alZUJ8PpYBInPqmgoX9JUAAAAAs"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐ธ๐ช
157.52.122.26
|
|
(mod_security) mod_security (id:210492) triggered by 157.52.122.26 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.52.122.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:22:14.373927 2026] [security2:error] [pid 15443:tid 15443] [client 157.52.122.26:39972] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.goldenfrytech.net"] [uri "/.git/HEAD"] [unique_id "alZUJi6Zd6YCubHrzcsXSQAAADI"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐ฉ๐ช
178.218.129.69
|
|
(mod_security) mod_security (id:210580) triggered by 178.218.129.69 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210580) triggered by 178.218.129.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:22:03.529774 2026] [security2:error] [pid 4032:tid 4032] [client 178.218.129.69:42340] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_landing_page. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt||insidemilb.com|F|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_landing_page: http:/inlinesecurityfence.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "insidemilb.com"] [uri "/.vscode/sftp.json"] [unique_id "alZUG1mFfJapDnZ8-LfwBQAAAAU"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐ณ๐ฑ
95.211.19.159
|
|
(mod_security) mod_security (id:240335) triggered by 95.211.19.159 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 95.211.19.159 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:22:04.749447 2026] [security2:error] [pid 25963:tid 25963] [client 95.211.19.159:59331] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 95.211.19.159 (+1 hits since last alert)|thesalonx.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thesalonx.com"] [uri "/xmlrpc.php"] [unique_id "alZUHC_zUcHdQ_USxOM7SwAAAA4"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐บ๐ธ
34.219.134.195
|
|
(mod_security) mod_security (id:210492) triggered by 34.219.134.195 (ec2-34-219-134-195.us-west-2.co ...
show more
(mod_security) mod_security (id:210492) triggered by 34.219.134.195 (ec2-34-219-134-195.us-west-2.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:21:34.523880 2026] [security2:error] [pid 2274:tid 2274] [client 34.219.134.195:54844] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.timelord2067.com"] [uri "/.git/config"] [unique_id "alZT_kyYaS2qSVt1qbpV3wAAAB0"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
๐บ๐ธ
2a09:bac1:76e0:460::5e:69
|
|
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:76e0:460::5e:69 (Unknown): 1 in the l ...
show more
(mod_security) mod_security (id:210492) triggered by 2a09:bac1:76e0:460::5e:69 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 11:21:33.882491 2026] [security2:error] [pid 2732:tid 2732] [client 2a09:bac1:76e0:460::5e:69:21826] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.roigcorporativo.com"] [uri "/.env.production"] [unique_id "alZT_Vfv5p3vLfdViHeRwQAAABI"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|