TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 09 21:25:01.708351 2024] [security2:error] [pid 12863:tid 12863] [client 112.193.215.149:43202] [client 112.193.215.149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.twobytwotutoring.org|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.twobytwotutoring.org"] [uri "/forum.sql"] [unique_id "Zt-f7RA_3S7AsSkAPOtg8QAAABc"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 08 08:44:33.928629 2024] [security2:error] [pid 14500:tid 14500] [client 112.193.215.149:44490] [client 112.193.215.149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.trailofcrumbs.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.trailofcrumbs.com"] [uri "/root.bak"] [unique_id "Zt2cMV-YifFtHHh0w6NLbgAAAB8"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 08 03:22:53.654726 2024] [security2:error] [pid 30339:tid 30339] [client 112.193.215.149:43206] [client 112.193.215.149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.carmichaellaw.org|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.carmichaellaw.org"] [uri "/2023.bak"] [unique_id "Zt1QzSU7wwcQkZQuj-hdyAAAAA0"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 07 07:58:21.791765 2024] [security2:error] [pid 11233:tid 11233] [client 112.193.215.149:44734] [client 112.193.215.149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.stenbot.com|F|2"] [data ".backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.stenbot.com"] [uri "/wwwstenbotcom.backup"] [unique_id "Ztw_3f_ui2tuQ5nIMBvN4AAAAAs"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 06 08:46:27.258116 2024] [security2:error] [pid 3442549:tid 3442629] [client 112.193.215.149:43731] [client 112.193.215.149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.stateabbreviationlist.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.stateabbreviationlist.com"] [uri "/back.bak"] [unique_id "Ztr5o3-XBwgz9_Tp6Ob7bAAAAEE"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 06 07:31:48.060807 2024] [security2:error] [pid 24195:tid 24195] [client 112.193.215.149:43781] [client 112.193.215.149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.balivisaservice.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.balivisaservice.com"] [uri "/2012.bak"] [unique_id "ZtroJM5VFIn3c4N7BPtYHgAAAAk"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 05 20:21:43.797545 2024] [security2:error] [pid 6497:tid 6497] [client 112.193.215.149:44806] [client 112.193.215.149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.warchildsworld.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.warchildsworld.com"] [uri "/2010.sql"] [unique_id "ZtpLF1Q5Sc_lw732eWCO2QAAAAI"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 03 05:40:16.875308 2024] [security2:error] [pid 12480:tid 12480] [client 112.193.215.149:59528] [client 112.193.215.149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.oiseauxsisters.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.oiseauxsisters.com"] [uri "/oiseauxsisters_com.bak"] [unique_id "ZtbZgLwGEBRUvRpOVydS0gAAACA"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 01 14:12:02.401835 2024] [security2:error] [pid 26209:tid 26209] [client 112.193.215.149:61393] [client 112.193.215.149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.highaltitudebaking.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.highaltitudebaking.com"] [uri "/archive.bak"] [unique_id "ZtSucnLhCxJ8P7j-ZEnEZQAAABk"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 31 08:10:19.785769 2024] [security2:error] [pid 21734:tid 21734] [client 112.193.215.149:60233] [client 112.193.215.149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.ssion.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.ssion.com"] [uri "/admin.bak"] [unique_id "ZtMIK9Cb00hwQecq2s-TtAAAAAk"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 30 15:43:19.451479 2024] [security2:error] [pid 28841:tid 28841] [client 112.193.215.149:17611] [client 112.193.215.149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.waking.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.waking.com"] [uri "/log.bak"] [unique_id "ZtIg11mb_er7nrJQEyO55AAAABA"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 30 02:12:50.106940 2024] [security2:error] [pid 244939:tid 244939] [client 112.193.215.149:18065] [client 112.193.215.149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.federallog.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.federallog.com"] [uri "/error_log.bak"] [unique_id "ZtFi4pSLo2pnrrccAm3fqgAAAAs"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 28 10:15:28.990280 2024] [security2:error] [pid 6864:tid 6864] [client 112.193.215.149:16598] [client 112.193.215.149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.jeffjastro.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.jeffjastro.com"] [uri "/log.bak"] [unique_id "Zs8xAKQpprEKWFN8PvuMoAAAACA"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Po ... show more(mod_security) mod_security (id:210730) triggered by 112.193.215.149 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 28 02:19:12.950276 2024] [security2:error] [pid 22179:tid 22179] [client 112.193.215.149:16571] [client 112.193.215.149] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.amrtactical.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.amrtactical.com"] [uri "/site.sql"] [unique_id "Zs7BYG_Is14teSt60ShElwAAABc"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|