๐จ๐ณ
36.41.75.167
20 Sep 2025
(mod_security) mod_security (id:210350) triggered by 36.41.75.167 (CN/China/-): 1 in the last 3600 s ...
show more
(mod_security) mod_security (id:210350) triggered by 36.41.75.167 (CN/China/-): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Sep 19 22:39:21.315156 2025] [security2:error] [pid 3086451:tid 3086478] [client 36.41.75.167:60887] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.fitchugs.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.fitchugs.com"] [uri "/"] [unique_id "aM4T2S1iiKfK0a6UCmqtgQAAAEA"]
show less
Hacking
๐บ๐ธ
3.88.40.214
20 Sep 2025
(mod_security) mod_security (id:2000064) triggered by 3.88.40.214 (US/United States/ec2-3-88-40-214. ...
show more
(mod_security) mod_security (id:2000064) triggered by 3.88.40.214 (US/United States/ec2-3-88-40-214.compute-1.amazonaws.com): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Sep 19 22:18:29.435120 2025] [security2:error] [pid 3086451:tid 3086456] [remote 3.88.40.214:0] ModSecurity: Access denied with code 403 (phase 2). Pattern match "Mozilla/(4|5)\\\\.0$" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec2.rules.conf"] [line "104"] [id "2000064"] [hostname "mogs.lol"] [uri "/"] [unique_id "aM4O9S1iiKfK0a6UCmqtEQAAVgQ"]
show less
Hacking
๐ธ๐ช
74.241.245.97
20 Sep 2025
Web-based Attack: GET /wp-login.php?action=register HTTP/2.0
Hacking
Web App Attack
๐บ๐ธ
34.74.81.60
19 Sep 2025
(RSRCTROLL) Vulnerability Trolling: HEAD /wordpress 34.74.81.60 (US/United States/60.81.74.34.bc.goo ...
show more
(RSRCTROLL) Vulnerability Trolling: HEAD /wordpress 34.74.81.60 (US/United States/60.81.74.34.bc.googleusercontent.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 34.74.81.60 - - [19/Sep/2025:19:26:57 -0400] "HEAD /wordpress HTTP/1.1" 301 - "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.6167.85 Safari/537.36"
show less
Hacking
๐บ๐ธ
13.72.115.240
19 Sep 2025
(RSRCTROLL) Vulnerability Trolling: GET/POST /info.php 13.72.115.240 (US/United States/-): 1 in the ...
show more
(RSRCTROLL) Vulnerability Trolling: GET/POST /info.php 13.72.115.240 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 13.72.115.240 - - [19/Sep/2025:19:24:51 -0400] "GET /info.php HTTP/2.0" 401 53 "-" "-"
show less
Hacking
๐ธ๐ฌ
178.128.22.21
19 Sep 2025
(mod_security) mod_security (id:210492) triggered by 178.128.22.21 (SG/Singapore/-): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210492) triggered by 178.128.22.21 (SG/Singapore/-): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Sep 19 19:17:23.591542 2025] [security2:error] [pid 3085907:tid 3085942] [client 178.128.22.21:52748] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "209.59.154.179"] [uri "/.env"] [unique_id "aM3kg368S--oqCadGZWX_wAAAAM"]
show less
Hacking
๐ฉ๐ช
51.75.157.203
19 Sep 2025
(RSRCTROLL) Vulnerability Trolling: HEAD /wp 51.75.157.203 (DE/Germany/ip203.ip-51-75-157.eu): 1 in ...
show more
(RSRCTROLL) Vulnerability Trolling: HEAD /wp 51.75.157.203 (DE/Germany/ip203.ip-51-75-157.eu): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 51.75.157.203 - - [19/Sep/2025:19:11:28 -0400] "HEAD /wp-content/plugins/wordpress-corde/wordpresse-kore.php HTTP/2.0" 301 - "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/127.0.0.0 Safari/537.36"
show less
Hacking
๐ฉ๐ช
159.89.20.246
19 Sep 2025
(CBLTSTRK) Probing for Cobaltstrike beacon /ab2g 159.89.20.246 (DE/Germany/-): 1 in the last 3600 se ...
show more
(CBLTSTRK) Probing for Cobaltstrike beacon /ab2g 159.89.20.246 (DE/Germany/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 159.89.20.246 - - [19/Sep/2025:18:08:52 -0400] "GET /ab2g HTTP/1.1" 301 20 "-" "Mozilla/5.0 zgrab/0.x"
show less
Hacking
๐ท๐บ
45.135.232.178
19 Sep 2025
Web-based Attack: GET /wp-login.php HTTP/2.0
Hacking
Web App Attack
๐บ๐ธ
34.16.172.213
19 Sep 2025
(mod_security) mod_security (id:210492) triggered by 34.16.172.213 (US/United States/213.172.16.34.b ...
show more
(mod_security) mod_security (id:210492) triggered by 34.16.172.213 (US/United States/213.172.16.34.bc.googleusercontent.com): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Sep 19 15:43:20.659482 2025] [security2:error] [pid 3086451:tid 3086478] [client 34.16.172.213:55110] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "studiomuseum.studiomuseum.org"] [uri "/.git/config"] [unique_id "aM2yWC1iiKfK0a6UCmqhUAAAAEA"]
show less
Hacking
๐บ๐ธ
13.82.122.29
19 Sep 2025
(RSRCTROLL) Vulnerability Trolling: GET/POST /info.php 13.82.122.29 (US/United States/-): 1 in the l ...
show more
(RSRCTROLL) Vulnerability Trolling: GET/POST /info.php 13.82.122.29 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 13.82.122.29 - - [19/Sep/2025:15:30:20 -0400] "GET /info.php HTTP/2.0" 401 53 "-" "-"
show less
Hacking
๐บ๐ธ
43.159.136.201
19 Sep 2025
Web-based Attack: GET /xmlrpc.php?rsd HTTP/2.0
Hacking
Web App Attack
๐จ๐ณ
175.6.217.4
19 Sep 2025
(mod_security) mod_security (id:210350) triggered by 175.6.217.4 (CN/China/-): 1 in the last 3600 se ...
show more
(mod_security) mod_security (id:210350) triggered by 175.6.217.4 (CN/China/-): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Sep 19 15:06:02.375607 2025] [security2:error] [pid 3085907:tid 3085940] [client 175.6.217.4:44097] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.fitchugs.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.fitchugs.com"] [uri "/"] [unique_id "aM2pmn68S--oqCadGZWToQAAAAE"]
show less
Hacking
๐บ๐ธ
107.174.2.38
19 Sep 2025
(mod_security) mod_security (id:210492) triggered by 107.174.2.38 (US/United States/107-174-2-38-hos ...
show more
(mod_security) mod_security (id:210492) triggered by 107.174.2.38 (US/United States/107-174-2-38-host.colocrossing.com): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Sep 19 14:13:51.780354 2025] [security2:error] [pid 3085907:tid 3085936] [remote 107.174.2.38:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mogs.lol"] [uri "/.env"] [unique_id "aM2dX368S--oqCadGZWTLQAAAxc"]
show less
Hacking
๐บ๐ธ
107.170.1.217
19 Sep 2025
(mod_security) mod_security (id:210492) triggered by 107.170.1.217 (US/United States/-): 1 in the la ...
show more
(mod_security) mod_security (id:210492) triggered by 107.170.1.217 (US/United States/-): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Sep 19 13:51:05.872629 2025] [security2:error] [pid 3086451:tid 3086485] [client 107.170.1.217:33862] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "209.59.154.179"] [uri "/.env"] [unique_id "aM2YCS1iiKfK0a6UCmqdbgAAAEc"]
show less
Hacking
๐บ๐ธ
49.51.196.42
19 Sep 2025
(mod_security) mod_security (id:210350) triggered by 49.51.196.42 (US/United States/-): 1 in the las ...
show more
(mod_security) mod_security (id:210350) triggered by 49.51.196.42 (US/United States/-): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Sep 19 13:18:14.112072 2025] [security2:error] [pid 3086451:tid 3086490] [client 49.51.196.42:45358] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||srv.mogbox.net|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "srv.mogbox.net"] [uri "/"] [unique_id "aM2QVi1iiKfK0a6UCmqcewAAAEw"]
show less
Hacking
๐ฎ๐ช
52.169.146.145
19 Sep 2025
(RSRCTROLL) Vulnerability Trolling: GET/POST /wp-includes/IXR/ 52.169.146.145 (IE/Ireland/-): 1 in t ...
show more
(RSRCTROLL) Vulnerability Trolling: GET/POST /wp-includes/IXR/ 52.169.146.145 (IE/Ireland/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 52.169.146.145 - - [19/Sep/2025:12:21:44 -0400] "GET /wp-includes/IXR/autoload_classmap.php HTTP/2.0" 401 53 "-" "-"
show less
Hacking
๐บ๐ธ
49.51.195.195
19 Sep 2025
(mod_security) mod_security (id:210350) triggered by 49.51.195.195 (US/United States/-): 1 in the la ...
show more
(mod_security) mod_security (id:210350) triggered by 49.51.195.195 (US/United States/-): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Sep 19 11:31:31.470494 2025] [security2:error] [pid 3086451:tid 3086486] [client 49.51.195.195:57646] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||209.59.154.179|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "209.59.154.179"] [uri "/"] [unique_id "aM13Uy1iiKfK0a6UCmqZ9wAAAEg"]
show less
Hacking
๐บ๐ธ
13.90.22.61
19 Sep 2025
(RSRCTROLL) Vulnerability Trolling: GET/POST /info.php 13.90.22.61 (US/United States/-): 1 in the la ...
show more
(RSRCTROLL) Vulnerability Trolling: GET/POST /info.php 13.90.22.61 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 13.90.22.61 - - [19/Sep/2025:11:25:45 -0400] "GET /info.php HTTP/2.0" 404 167 "-" "-"
show less
Hacking
๐บ๐ธ
43.165.65.75
19 Sep 2025
(mod_security) mod_security (id:210350) triggered by 43.165.65.75 (US/United States/-): 1 in the las ...
show more
(mod_security) mod_security (id:210350) triggered by 43.165.65.75 (US/United States/-): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Sep 19 11:08:23.069930 2025] [security2:error] [pid 3086451:tid 3086502] [client 43.165.65.75:55146] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||fitchugs.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "fitchugs.com"] [uri "/"] [unique_id "aM1x5y1iiKfK0a6UCmqYawAAAFg"]
show less
Hacking
๐จ๐ณ
106.119.167.146
19 Sep 2025
(mod_security) mod_security (id:210350) triggered by 106.119.167.146 (CN/China/-): 1 in the last 360 ...
show more
(mod_security) mod_security (id:210350) triggered by 106.119.167.146 (CN/China/-): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Sep 19 11:04:58.725368 2025] [security2:error] [pid 3085907:tid 3085941] [client 106.119.167.146:60713] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||fitchugs.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "fitchugs.com"] [uri "/"] [unique_id "aM1xGn68S--oqCadGZWQ4gAAAAI"]
show less
Hacking
๐ณ๐ฑ
45.154.98.188
19 Sep 2025
(mod_security) mod_security (id:210492) triggered by 45.154.98.188 (NL/The Netherlands/45.154.98.188 ...
show more
(mod_security) mod_security (id:210492) triggered by 45.154.98.188 (NL/The Netherlands/45.154.98.188.powered.by.rdp.sh): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Sep 19 10:19:39.655464 2025] [security2:error] [pid 3086451:tid 3086488] [client 45.154.98.188:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cloud.mogbox.net"] [uri "/.env"] [unique_id "aM1mey1iiKfK0a6UCmqWUQAAAEo"]
show less
Hacking
๐บ๐ธ
43.130.141.193
19 Sep 2025
(mod_security) mod_security (id:210350) triggered by 43.130.141.193 (US/United States/-): 1 in the l ...
show more
(mod_security) mod_security (id:210350) triggered by 43.130.141.193 (US/United States/-): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Sep 19 10:00:31.586320 2025] [security2:error] [pid 3086451:tid 3086479] [client 43.130.141.193:58190] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||209.59.154.179:80|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "209.59.154.179"] [uri "/"] [unique_id "aM1h_y1iiKfK0a6UCmqVxwAAAEE"]
show less
Hacking
๐บ๐ธ
49.51.243.95
19 Sep 2025
(mod_security) mod_security (id:210350) triggered by 49.51.243.95 (US/United States/-): 1 in the las ...
show more
(mod_security) mod_security (id:210350) triggered by 49.51.243.95 (US/United States/-): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Sep 19 08:00:44.475570 2025] [security2:error] [pid 2994181:tid 2994213] [client 49.51.243.95:56404] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||srv.mogbox.net|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "srv.mogbox.net"] [uri "/"] [unique_id "aM1F7Pvem6QJeLJixQnLfAAAAEU"]
show less
Hacking
๐ฉ๐ช
45.139.104.204
19 Sep 2025
(mod_security) mod_security (id:210492) triggered by 45.139.104.204 (BG/Bulgaria/-): 1 in the last 3 ...
show more
(mod_security) mod_security (id:210492) triggered by 45.139.104.204 (BG/Bulgaria/-): 1 in the last 3600 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Fri Sep 19 07:48:28.002965 2025] [security2:error] [pid 2994181:tid 2994185] [remote 45.139.104.204:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mogs.lol"] [uri "/.env"] [unique_id "aM1DDPvem6QJeLJixQnLRwAAQgM"]
show less
Hacking