|
πΉπ·
88.228.243.66
|
|
(mod_security) mod_security (id:210730) triggered by 88.228.243.66 (88.228.243.66.dynamic.ttnet.com. ...
show more
(mod_security) mod_security (id:210730) triggered by 88.228.243.66 (88.228.243.66.dynamic.ttnet.com.tr): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:43:09.813663 2026] [security2:error] [pid 17158:tid 17158] [client 88.228.243.66:40272] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.cajunpicasso.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.cajunpicasso.com"] [uri "/saint-cecilia-2/[email protected]"] [unique_id "alaRTWMLS5XRjEtzM0-AvwAAAAc"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π¨π³
39.154.0.76
|
|
(mod_security) mod_security (id:210831) triggered by 39.154.0.76 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210831) triggered by 39.154.0.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:43:01.764680 2026] [security2:error] [pid 19142:tid 19142] [client 39.154.0.76:6267] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||surrenderhouse.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "surrenderhouse.com"] [uri "/"] [unique_id "alaRReBq0c2S6XBAeK8sawAAAA4"], referer: http://surrenderhouse.com/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π¨π³
183.197.176.253
|
|
(mod_security) mod_security (id:210831) triggered by 183.197.176.253 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210831) triggered by 183.197.176.253 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:43:02.346799 2026] [security2:error] [pid 24320:tid 24320] [client 183.197.176.253:12655] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||tudor-harris.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "tudor-harris.com"] [uri "/index.html"] [unique_id "alaRRl1Zvr2cOBKpLJM6_AAAAAc"], referer: http://tudor-harris.com/index.html
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π¨π³
106.119.66.194
|
|
(mod_security) mod_security (id:210831) triggered by 106.119.66.194 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 106.119.66.194 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:42:59.121068 2026] [security2:error] [pid 24310:tid 24310] [client 106.119.66.194:13582] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||tudor-harris.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "tudor-harris.com"] [uri "/index.html"] [unique_id "alaRQx8xBtLDOQdwXyxqbgAAAAM"], referer: http://tudor-harris.com/index.html
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π¨π³
124.114.74.68
|
|
(mod_security) mod_security (id:210831) triggered by 124.114.74.68 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 124.114.74.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:42:57.937774 2026] [security2:error] [pid 22572:tid 22572] [client 124.114.74.68:49830] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||tudor-harris.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "tudor-harris.com"] [uri "/index.html"] [unique_id "alaRQQQWe_gubQbKthCD7wAAAA8"], referer: http://tudor-harris.com/index.html
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π¨π³
120.221.12.129
|
|
(mod_security) mod_security (id:210831) triggered by 120.221.12.129 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 120.221.12.129 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:42:51.362087 2026] [security2:error] [pid 23832:tid 23832] [client 120.221.12.129:49444] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||tudor-harris.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "tudor-harris.com"] [uri "/index.html"] [unique_id "alaRO0tJbNXh5s3Popu8HQAAAA0"], referer: http://tudor-harris.com/index.html
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π¨π³
113.124.90.68
|
|
(mod_security) mod_security (id:210831) triggered by 113.124.90.68 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 113.124.90.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:42:50.803830 2026] [security2:error] [pid 23316:tid 23316] [client 113.124.90.68:53659] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||tudor-harris.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "tudor-harris.com"] [uri "/index.html"] [unique_id "alaROpwArGFmUrLWNKD4hQAAACA"], referer: http://tudor-harris.com/index.html
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π¨π³
49.114.246.121
|
|
(mod_security) mod_security (id:210831) triggered by 49.114.246.121 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 49.114.246.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:42:47.122733 2026] [security2:error] [pid 938:tid 952] [client 49.114.246.121:31600] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||guitarmans.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "guitarmans.com"] [uri "/"] [unique_id "alaRN0KjWVp215SgA6BtegAAAEo"], referer: http://guitarmans.com/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π¨π³
60.1.184.93
|
|
(mod_security) mod_security (id:210831) triggered by 60.1.184.93 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:210831) triggered by 60.1.184.93 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:42:40.269426 2026] [security2:error] [pid 23748:tid 23748] [client 60.1.184.93:19444] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||tudor-harris.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "tudor-harris.com"] [uri "/index.html"] [unique_id "alaRMI2CStuN4O1Wjda61QAAAAY"], referer: http://tudor-harris.com/index.html
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π¨π³
120.82.84.182
|
|
(mod_security) mod_security (id:210831) triggered by 120.82.84.182 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 120.82.84.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:42:44.529706 2026] [security2:error] [pid 23316:tid 23316] [client 120.82.84.182:52627] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||tudor-harris.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "tudor-harris.com"] [uri "/index.html"] [unique_id "alaRNJwArGFmUrLWNKD4hAAAACA"], referer: http://tudor-harris.com/index.html
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π¨π³
106.44.231.29
|
|
(mod_security) mod_security (id:210831) triggered by 106.44.231.29 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 106.44.231.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:42:45.062958 2026] [security2:error] [pid 23313:tid 23313] [client 106.44.231.29:18872] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||tudor-harris.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "tudor-harris.com"] [uri "/index.html"] [unique_id "alaRNX0HHuJ4u5xj8vwYdgAAAB0"], referer: http://tudor-harris.com/index.html
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π¨π³
115.62.244.31
|
|
(mod_security) mod_security (id:210831) triggered by 115.62.244.31 (hn.kd.ny.adsl): 1 in the last 30 ...
show more
(mod_security) mod_security (id:210831) triggered by 115.62.244.31 (hn.kd.ny.adsl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:42:38.672306 2026] [security2:error] [pid 23316:tid 23316] [client 115.62.244.31:7504] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||tudor-harris.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "tudor-harris.com"] [uri "/index.html"] [unique_id "alaRLpwArGFmUrLWNKD4gwAAACA"], referer: http://tudor-harris.com/index.html
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π¨π³
183.157.202.204
|
|
(mod_security) mod_security (id:210831) triggered by 183.157.202.204 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210831) triggered by 183.157.202.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:42:30.173220 2026] [security2:error] [pid 11985:tid 11985] [client 183.157.202.204:3062] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||tudor-harris.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "tudor-harris.com"] [uri "/index.html"] [unique_id "alaRJkjWDtbcaoxPw5BDmgAAAAo"], referer: http://tudor-harris.com/index.html
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π©πͺ
2a04:4e40:e000:0:5aa:19c:a3b0:51d
|
|
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:5aa:19c:a3b0:51d (Unknown): 1 ...
show more
(mod_security) mod_security (id:210492) triggered by 2a04:4e40:e000:0:5aa:19c:a3b0:51d (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:42:29.890064 2026] [security2:error] [pid 23797:tid 23797] [client 2a04:4e40:e000:0:5aa:19c:a3b0:51d:26440] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ticmacabotours.com.disenowebprofesional.com"] [uri "/.git/HEAD"] [unique_id "alaRJSOfMmJX6eD8K7cB1gAAAAc"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π©πͺ
140.248.75.22
|
|
(mod_security) mod_security (id:210492) triggered by 140.248.75.22 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 140.248.75.22 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:42:29.866242 2026] [security2:error] [pid 18208:tid 18208] [client 140.248.75.22:56462] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ticmacabotours.com.disenowebprofesional.com"] [uri "/.git/config"] [unique_id "alaRJbcZsD7YsanVdwaQ-gAAAAk"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
πΈπ¬
47.128.33.201
|
|
(mod_security) mod_security (id:210730) triggered by 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1 ...
show more
(mod_security) mod_security (id:210730) triggered by 47.128.33.201 (ec2-47-128-33-201.ap-southeast-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:42:27.870423 2026] [security2:error] [pid 10426:tid 10426] [client 47.128.33.201:41164] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.pages4you.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.pages4you.com"] [uri "/Graphics2/WS_FTP.LOG"] [unique_id "alaRI5i4iGd-nJ4WHd96dQAAAAw"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π©πͺ
18.193.48.153
|
|
(mod_security) mod_security (id:210492) triggered by 18.193.48.153 (ec2-18-193-48-153.eu-central-1.c ...
show more
(mod_security) mod_security (id:210492) triggered by 18.193.48.153 (ec2-18-193-48-153.eu-central-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:42:22.533349 2026] [security2:error] [pid 12868:tid 12868] [client 18.193.48.153:42952] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thevoodooguru.com"] [uri "/.git/config"] [unique_id "alaRHizEzOO1Vn5Bhf-tbgAAAAw"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π―π΄
176.29.147.211
|
|
(mod_security) mod_security (id:240335) triggered by 176.29.147.211 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 176.29.147.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:42:13.915189 2026] [security2:error] [pid 2777:tid 2777] [client 176.29.147.211:2868] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 176.29.147.211 (+1 hits since last alert)|rocksolidhomebuilders.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rocksolidhomebuilders.com"] [uri "/xmlrpc.php"] [unique_id "alaRFfT_ti__KJy8vOwlDAAAAA8"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π¨π³
120.230.189.247
|
|
(mod_security) mod_security (id:210831) triggered by 120.230.189.247 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210831) triggered by 120.230.189.247 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:41:54.665418 2026] [security2:error] [pid 6648:tid 6648] [client 120.230.189.247:1818] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||exploratorymusic.net|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "exploratorymusic.net"] [uri "/"] [unique_id "alaRAhaET4UeWnnoli_VIwAAABA"], referer: http://exploratorymusic.net/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π©πͺ
2a09:bac1:1e40:8::3a3:4
|
|
(mod_security) mod_security (id:210730) triggered by 2a09:bac1:1e40:8::3a3:4 (Unknown): 1 in the las ...
show more
(mod_security) mod_security (id:210730) triggered by 2a09:bac1:1e40:8::3a3:4 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:41:49.793432 2026] [security2:error] [pid 4781:tid 4781] [client 2a09:bac1:1e40:8::3a3:4:30544] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jambmaster.com|F|2"] [data ".conf"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jambmaster.com"] [uri "/rclone.conf"] [unique_id "alaQ_bIfWVoq7lrLt7Ml6QAAAAQ"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
πͺπ¨
177.234.208.17
|
|
(mod_security) mod_security (id:210730) triggered by 177.234.208.17 (17-208-234-177.ufinetlatam.net. ...
show more
(mod_security) mod_security (id:210730) triggered by 177.234.208.17 (17-208-234-177.ufinetlatam.net.ec): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:41:26.149275 2026] [security2:error] [pid 26598:tid 26598] [client 177.234.208.17:57670] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||piments.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "piments.com"] [uri "/piments/html_chilli-peppers/CatKing 2000-err.log"] [unique_id "alaQ5olR0RFMFGKSpZ9R1gAAAAM"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π¨π³
39.172.19.242
|
|
(mod_security) mod_security (id:210831) triggered by 39.172.19.242 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 39.172.19.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:41:20.322298 2026] [security2:error] [pid 4009:tid 4102] [client 39.172.19.242:16954] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.love-spells-magic.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.love-spells-magic.com"] [uri "/"] [unique_id "alaQ4A-taPxkNAKfpZgAPwAAAIY"], referer: https://www.love-spells-magic.com/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π¨π³
39.172.138.144
|
|
(mod_security) mod_security (id:210831) triggered by 39.172.138.144 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210831) triggered by 39.172.138.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:41:15.015686 2026] [security2:error] [pid 938:tid 962] [client 39.172.138.144:33583] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.rosicruciansociety.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.rosicruciansociety.com"] [uri "/"] [unique_id "alaQ20KjWVp215SgA6Bs3AAAAFQ"], referer: https://www.rosicruciansociety.com/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π¨π³
223.96.61.165
|
|
(mod_security) mod_security (id:210831) triggered by 223.96.61.165 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 223.96.61.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:41:04.065670 2026] [security2:error] [pid 938:tid 957] [client 223.96.61.165:10230] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.eafm.org|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.eafm.org"] [uri "/"] [unique_id "alaQ0EKjWVp215SgA6BszwAAAE8"], referer: https://www.eafm.org/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
π¨π³
101.26.28.149
|
|
(mod_security) mod_security (id:210831) triggered by 101.26.28.149 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210831) triggered by 101.26.28.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 15:41:06.111643 2026] [security2:error] [pid 1758:tid 1758] [client 101.26.28.149:34692] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url|user-Agent|www\\\\.weblogs\\\\.com|(?:jakart|vi)a|(google|i{0,1}explorer{0,1}\\\\.exe|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)|\\\\bdatacha0s\\\\b|; widows|\\\\\\\\r|a(?: href=|d(?:sarobot|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler||www.awl-v.com|F|4"] [data "User-Agent"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.awl-v.com"] [uri "/"] [unique_id "alaQ0hmwVNk0F5YHa6s2MQAAAAw"], referer: http://www.awl-v.com/
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|