TPI-Abuse
2024-09-17 05:30:14
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 154.54.249.174 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 154.54.249.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 17 01:30:10.728599 2024] [security2:error] [pid 1122014:tid 1122014] [client 154.54.249.174:13975] [client 154.54.249.174] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.justinrudd.com|F|2"] [data ".barkbarkdaycare.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.justinrudd.com"] [uri "/www.barkbarkdaycare.com"] [unique_id "ZukT4gadTKwwbUYkSuYldwAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-09-17 01:17:09
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 154.54.249.174 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 154.54.249.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 16 21:17:03.526390 2024] [security2:error] [pid 27713:tid 27713] [client 154.54.249.174:9843] [client 154.54.249.174] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||williamfitzsimmons.com|F|2"] [data ".shankhall.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "williamfitzsimmons.com"] [uri "/news/0328-william-adds-chattanooga-date-uscan-tour/www.shankhall.com"] [unique_id "ZujYj97tPO44iqiTzkEdKQAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-09-16 23:13:19
(3 weeks ago)
Excessive crawling/scraping
Hacking
Brute-Force
mwgbr
2024-09-16 21:55:51
(3 weeks ago)
154.54.249.174 (FR/France/-), more than 10 Apache 403 hits
Hacking
bigscoots.com
2024-09-15 21:48:27
(3 weeks ago)
(PERMBLOCK) 154.54.249.174 (FR/France/-) has had more than 4 temp blocks in the last 86400 secs; Por ... show more (PERMBLOCK) 154.54.249.174 (FR/France/-) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: 1; Trigger: LF_PERMBLOCK_COUNT; Logs: show less
Brute-Force
SSH
Anonymous
2024-09-12 05:04:54
(3 weeks ago)
Excessive crawling/scraping
Hacking
Brute-Force
silisoftware.com
2024-09-11 22:20:06
(3 weeks ago)
/phpBB3/viewforum.php?f=3
Web App Attack
mwgbr
2024-09-11 16:45:18
(3 weeks ago)
154.54.249.174 (FR/France/-), more than 10 Apache 403 hits
Hacking
bigscoots.com
2024-09-11 11:49:24
(3 weeks ago)
(PERMBLOCK) 154.54.249.174 (FR/France/-) has had more than 4 temp blocks in the last 86400 secs; Por ... show more (PERMBLOCK) 154.54.249.174 (FR/France/-) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: 1; Trigger: LF_PERMBLOCK_COUNT; Logs: show less
Brute-Force
SSH
mwgbr
2024-03-04 04:52:08
(7 months ago)
154.54.249.174 (FR/France/-), more than 10 Apache 403 hits
Hacking
TPI-Abuse
2024-03-03 10:14:49
(7 months ago)
(mod_security) mod_security (id:210730) triggered by 154.54.249.174 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 154.54.249.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 03 05:14:43.827828 2024] [security2:error] [pid 18598] [client 154.54.249.174:14433] [client 154.54.249.174] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.accordionstars.com|F|2"] [data ".accordionfactory.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.accordionstars.com"] [uri "/www.accordionfactory.com"] [unique_id "ZeRNkw7e86yWfIE7uIvh1AAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack