|
π¨π
backslash
|
|
block ruleset 7B8FD6B12C4E12B6F0DAE02E53C0597FBEDDF5BC
|
Bad Web Bot
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 191.96.104.137 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 191.96.104.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 10:18:10.924429 2026] [security2:error] [pid 22483:tid 22483] [client 191.96.104.137:58799] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.nbcnewsradio.com"] [uri "/_.htaccess"] [unique_id "aWpWsuAE2TjkQXwKNSt-3QAAAAg"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 191.96.104.137 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 191.96.104.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 29 09:13:39.903650 2025] [security2:error] [pid 2254:tid 2254] [client 191.96.104.137:56039] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.davispickering.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.davispickering.com"] [uri "/logs/errors.log"] [unique_id "aQITA7qOq3b7REZapG4lxAAAABE"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 191.96.104.137 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 191.96.104.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 16:24:33.877006 2025] [security2:error] [pid 8733:tid 8733] [client 191.96.104.137:57839] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.nbcnewsradio.com"] [uri "/a.htaccess"] [unique_id "aQEmgU7FkbA1L3cl3O4fkwAAABM"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 191.96.104.137 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 191.96.104.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 22 15:46:07.254131 2025] [security2:error] [pid 32189:tid 32189] [client 191.96.104.137:53239] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||mail.deandobkin.com|F|2"] [data ".log"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.deandobkin.com"] [uri "/admin/log/error.log"] [unique_id "aNGnf7FpS9xevSBly2dk-gAAAAs"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:211190) triggered by 191.96.104.137 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:211190) triggered by 191.96.104.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 01 01:58:22.659005 2025] [security2:error] [pid 15415:tid 15476] [client 191.96.104.137:55839] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||www.staging.kettlehill.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /wp-content/plugins/mypixs/mypixs/downloadpage.php?url=/etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.staging.kettlehill.com"] [uri "/wp-content/plugins/mypixs/mypixs/downloadpage.php"] [unique_id "aGN4_q0WqJtHmKpJnDr1AwAAAVM"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
| XSS (Cross Site Scripting) attempt.
|
Hacking
SQL Injection
Web App Attack
|
|
|
πΊπΈ
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 191.96.104.137 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 191.96.104.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 01 11:03:29.627318 2025] [security2:error] [pid 2945551:tid 2945551] [client 191.96.104.137:46765] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||ftp.nbcnewsradio.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/login.php.bak"] [unique_id "aDxrwcseRKz3Xgq8NwvbQgAAAAk"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|