TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 119.4.34.236 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 119.4.34.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 12 11:21:59.305863 2024] [security2:error] [pid 2821:tid 2821] [client 119.4.34.236:19058] [client 119.4.34.236] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.personal-sportswear.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.personal-sportswear.com"] [uri "/2024.sql"] [unique_id "ZuMHF2QdzIymFbrr5UbOTQAAAB4"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 119.4.34.236 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 119.4.34.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 11 19:28:32.846109 2024] [security2:error] [pid 3869341:tid 3869341] [client 119.4.34.236:56514] [client 119.4.34.236] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.stkm.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.stkm.com"] [uri "/stkmcom.sql"] [unique_id "ZuInoFFyAB6O-Gs38MT8dQAAACQ"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 119.4.34.236 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 119.4.34.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 10 18:39:11.602380 2024] [security2:error] [pid 10907:tid 10907] [client 119.4.34.236:54985] [client 119.4.34.236] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.yacher.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.yacher.com"] [uri "/2011.bak"] [unique_id "ZuDKj5jed7lPLzi4FuHE6wAAABM"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 119.4.34.236 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 119.4.34.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 10 09:51:46.971114 2024] [security2:error] [pid 26205:tid 26205] [client 119.4.34.236:57079] [client 119.4.34.236] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.robertprowse.net|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.robertprowse.net"] [uri "/dump.sql"] [unique_id "ZuBO8rZGi0ttn_w3HF3tJAAAACY"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 119.4.34.236 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 119.4.34.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 08 08:44:28.675249 2024] [security2:error] [pid 14145:tid 14145] [client 119.4.34.236:56062] [client 119.4.34.236] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.trailofcrumbs.com|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.trailofcrumbs.com"] [uri "/forum.bak"] [unique_id "Zt2cLMn1o0c1j6LYw2c1bAAAAAg"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 119.4.34.236 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 119.4.34.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 08 03:22:56.352909 2024] [security2:error] [pid 31934:tid 31934] [client 119.4.34.236:55935] [client 119.4.34.236] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||www.carmichaellaw.org|F|2"] [data ".bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.carmichaellaw.org"] [uri "/auth.bak"] [unique_id "Zt1Q0DCFBYsojMzYlhhI1wAAABw"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 119.4.34.236 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 119.4.34.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 07 12:46:37.293735 2024] [security2:error] [pid 17584:tid 17584] [client 119.4.34.236:56775] [client 119.4.34.236] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.powerkiteforum.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.powerkiteforum.com"] [uri "/website.sql"] [unique_id "ZtyDbUdMviOi7X0t8ZuVFAAAABc"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
HoneyPotEU02
|
|
SMTP brute force - auth failed
|
Brute-Force
Exploited Host
|
|
maximonline.co.za
|
|
Brute Force IMAP AUTH Attack
|
Brute-Force
|
|
Anonymous
|
|
Ports: 25,465,587; Direction: 0; Trigger: LF_DISTATTACK
|
Brute-Force
SSH
|
|
TZNOC
|
|
Mail credential brute-force attack (SM3) #1
|
Email Spam
Email Spam
Brute-Force
Brute-Force
|
|
Anonymous
|
|
Ports: 25,465,587; Direction: 0; Trigger: LF_DISTATTACK
|
Brute-Force
SSH
|
|