๐บ๐ธ
TPI-Abuse
2026-07-15 12:35:47
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 08:35:39.135672 2026] [security2:error] [pid 6926:tid 6926] [client 112.74.115.33:35718] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||star-discgolf.com|F|2"] [data ".cer"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "star-discgolf.com"] [uri "/okok.cer"] [unique_id "ald-mwSQG5DRt2r7EZWOFAAAABA"], referer: https://star-discgolf.com/okok.cer
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 02:31:02
(1 day ago)
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 22:30:54.886071 2026] [security2:error] [pid 32093:tid 32093] [client 112.74.115.33:60642] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||stantontownship.org|F|2"] [data ".cer"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "stantontownship.org"] [uri "/okok.cer"] [unique_id "albw3kljZPZrIoBt1K3AHwAAACE"], referer: https://stantontownship.org/okok.cer
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-07-04 20:17:54
(1 week ago)
Web attack/malicious scanning detected
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 13:15:31
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 09:15:23.821398 2026] [security2:error] [pid 8184:tid 8184] [client 112.74.115.33:56528] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||normteslaa.com|F|2"] [data ".cer"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "normteslaa.com"] [uri "/okok.cer"] [unique_id "akEeawHhcSsUXBLMoBwBAQAAAAo"], referer: https://normteslaa.com/okok.cer
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 12:54:14
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 08:54:09.260954 2026] [security2:error] [pid 26154:tid 26154] [client 112.74.115.33:54364] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||normsrotorservice.com|F|2"] [data ".cer"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "normsrotorservice.com"] [uri "/okok.cer"] [unique_id "akEZcTWfk2pxp7fUvRJV4gAAABY"], referer: https://normsrotorservice.com/okok.cer
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 18:24:17
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 14:24:12.371938 2026] [security2:error] [pid 19752:tid 19752] [client 112.74.115.33:60916] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||norkyn.com|F|2"] [data ".cer"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "norkyn.com"] [uri "/okok.cer"] [unique_id "akAVTHgHXzOAUcZk0mH9wQAAAAo"], referer: https://norkyn.com/okok.cer
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 13:09:48
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 09:09:44.278938 2026] [security2:error] [pid 7884:tid 7884] [client 112.74.115.33:56486] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||norinpaco.com|F|2"] [data ".cer"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "norinpaco.com"] [uri "/okok.cer"] [unique_id "aj_LmF0qCRU1hkzFMrtF_QAAAA0"], referer: https://norinpaco.com/okok.cer
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 18:25:23
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 14:25:15.871275 2026] [security2:error] [pid 3058:tid 3058] [client 112.74.115.33:42762] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||noreservationslocations.com|F|2"] [data ".cer"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "noreservationslocations.com"] [uri "/okok.cer"] [unique_id "aj7ECzvRjq67sqwJxm2KqQAAABc"], referer: https://noreservationslocations.com/okok.cer
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
Mediashaker
2026-06-26 16:44:05
(2 weeks ago)
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 112.74.115.33 (CN/China/ ...
show more
(apache-scanners) Failed apache-scanners trigger with match [redacted] from 112.74.115.33 (CN/China/-)
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-25 14:33:02
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 10:32:58.435946 2026] [security2:error] [pid 16416:tid 16416] [client 112.74.115.33:41734] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||nordicbuilders.net|F|2"] [data ".cer"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nordicbuilders.net"] [uri "/okok.cer"] [unique_id "aj08GvQTXMNvYvjouvAXYQAAAAw"], referer: https://nordicbuilders.net/okok.cer
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
LRob
2026-06-23 23:30:28
(3 weeks ago)
Repeated 403 errors, blocked by Fail2ban in custom-403 jail
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-23 22:26:41
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 18:26:36.615153 2026] [security2:error] [pid 9021:tid 9021] [client 112.74.115.33:40550] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.jetzilla.com|F|2"] [data ".cer"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.jetzilla.com"] [uri "/okok.cer"] [unique_id "ajsIHOfQIg1XixpEnyNdugAAAA4"], referer: https://www.jetzilla.com/okok.cer
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-21 10:45:00
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 06:44:55.947696 2026] [security2:error] [pid 16225:tid 16225] [client 112.74.115.33:34832] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.jerryfeil.com|F|2"] [data ".cer"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.jerryfeil.com"] [uri "/okok.cer"] [unique_id "ajfAp9Z4s7V3yhfDMJqRAgAAAAY"], referer: https://www.jerryfeil.com/okok.cer
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 22:49:50
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 18:49:44.866456 2026] [security2:error] [pid 8092:tid 8092] [client 112.74.115.33:55650] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.jeremyurbanski.com|F|2"] [data ".cer"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.jeremyurbanski.com"] [uri "/okok.cer"] [unique_id "ajcZCFARmLVObVctm9joOAAAAAA"], referer: https://www.jeremyurbanski.com/okok.cer
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-20 22:27:29
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 112.74.115.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 18:27:24.036646 2026] [security2:error] [pid 3359:tid 3359] [client 112.74.115.33:46690] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.jeremyscraig.com|F|2"] [data ".cer"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.jeremyscraig.com"] [uri "/okok.cer"] [unique_id "ajcTzNrVtSQ7xBzqkHABAwAAABE"], referer: https://www.jeremyscraig.com/okok.cer
show less
Brute-Force
Bad Web Bot
Web App Attack