TPI-Abuse
2024-10-12 01:56:17
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 11 21:55:33.811733 2024] [security2:error] [pid 6542:tid 6542] [client 112.193.215.76:53866] [client 112.193.215.76] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.namefinder.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.namefinder.com"] [uri "/sales.sql"] [unique_id "ZwnXFYzqraViqXxbIz8s9AAAAB4"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-11 15:06:18
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 11 11:05:21.591121 2024] [security2:error] [pid 11461:tid 11461] [client 112.193.215.76:53464] [client 112.193.215.76] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.beachhousebooks.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.beachhousebooks.com"] [uri "/jsp.sql"] [unique_id "Zwk-sfQakugn1owRk53_ewAAABY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-16 00:55:52
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 15 20:54:24.257518 2024] [security2:error] [pid 14917:tid 14917] [client 112.193.215.76:23436] [client 112.193.215.76] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.catholicshopper.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.catholicshopper.com"] [uri "/2024.bak"] [unique_id "ZueBwLQ841raM575ZE14DAAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-14 00:57:43
(4 weeks ago)
(mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 13 20:56:57.491190 2024] [security2:error] [pid 1368202:tid 1368202] [client 112.193.215.76:23438] [client 112.193.215.76] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.benshermanguitar.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.benshermanguitar.com"] [uri "/wp.bak"] [unique_id "ZuTfWeN52RQjgFZFjuRzqQAAABg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-13 00:02:12
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 12 20:01:02.600271 2024] [security2:error] [pid 22256:tid 22256] [client 112.193.215.76:23078] [client 112.193.215.76] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.obfetal.com|F|2"] [data ".com.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.obfetal.com"] [uri "/obfetal.com.bak"] [unique_id "ZuOAvoEN2T2kICZw5DwekgAAACg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-12 05:21:14
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 12 01:19:33.855253 2024] [security2:error] [pid 16564:tid 16564] [client 112.193.215.76:46824] [client 112.193.215.76] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.chafinlaw.net|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.chafinlaw.net"] [uri "/html.sql"] [unique_id "ZuJ55SZwFJZvvVhfGZD7ewAAACo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-11 23:31:22
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 11 19:28:29.898539 2024] [security2:error] [pid 3869017:tid 3869017] [client 112.193.215.76:46140] [client 112.193.215.76] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.stkm.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.stkm.com"] [uri "/engine.bak"] [unique_id "ZuInnWNxu6ObUAF1wbrIiwAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-11 17:05:12
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 11 13:02:24.761093 2024] [security2:error] [pid 6752:tid 12086] [client 112.193.215.76:45836] [client 112.193.215.76] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.aspencommission.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.aspencommission.com"] [uri "/engine.bak"] [unique_id "ZuHNIC3g6vZotu40LinigwAAAgA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-10 22:40:38
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 10 18:39:18.015205 2024] [security2:error] [pid 10423:tid 10423] [client 112.193.215.76:46172] [client 112.193.215.76] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.yacher.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.yacher.com"] [uri "/mysql.bak"] [unique_id "ZuDKlt-2niAuSILQZGO_JQAAABY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-08 12:44:41
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 08 08:44:23.849505 2024] [security2:error] [pid 14145:tid 14145] [client 112.193.215.76:45725] [client 112.193.215.76] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.trailofcrumbs.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.trailofcrumbs.com"] [uri "/1.sql"] [unique_id "Zt2cJ8n1o0c1j6LYw2c1WgAAAAg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-07 16:48:40
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 112.193.215.76 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 07 12:46:42.967442 2024] [security2:error] [pid 17974:tid 17974] [client 112.193.215.76:46315] [client 112.193.215.76] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.powerkiteforum.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.powerkiteforum.com"] [uri "/site.sql"] [unique_id "ZtyDctb79rZG7_ouFamuYAAAACY"] show less
Brute-Force
Bad Web Bot
Web App Attack
IrisFlower
2021-04-16 05:39:42
(3 years ago)
Unauthorized connection attempt detected from IP address 112.193.215.76 to port 80 [T]
Port Scan