TPI-Abuse
2024-08-29 21:54:59
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 29 17:54:55.251400 2024] [security2:error] [pid 20858:tid 20858] [client 194.233.73.179:52382] [client 194.233.73.179] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||13waggoners.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "13waggoners.com"] [uri "/site/default/settings.php.BAK"] [unique_id "ZtDuL1Az4c2auF_AEQ42jQAAAB4"] show less
Brute-Force
Bad Web Bot
Web App Attack
sms.ru
2024-08-29 20:00:43
(2 weeks ago)
/wp-admin/css/colors/blue/CasperExV1.php
Web App Attack
TPI-Abuse
2024-08-29 16:50:53
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 29 12:50:45.736945 2024] [security2:error] [pid 5130:tid 5130] [client 194.233.73.179:51116] [client 194.233.73.179] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||fatcavemedia.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "fatcavemedia.com"] [uri "/site/default/settings.php.BAK"] [unique_id "ZtCm5bkSYxW4e5hIS-OqGQAAABs"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-29 14:48:30
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 29 10:48:26.461390 2024] [security2:error] [pid 28436:tid 28436] [client 194.233.73.179:56690] [client 194.233.73.179] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||salinabible.org|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "salinabible.org"] [uri "/site/default/settings.php.BAK"] [unique_id "ZtCKOoOFv4QWJGAmM13TBQAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-29 13:33:20
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 29 09:33:14.474304 2024] [security2:error] [pid 1020530:tid 1020530] [client 194.233.73.179:57914] [client 194.233.73.179] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||alhashim.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "alhashim.com"] [uri "/site/default/settings.php.BAK"] [unique_id "ZtB4mg5Iw-RnrameGVlfuQAAABg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-29 09:57:00
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 29 05:56:52.636522 2024] [security2:error] [pid 3719:tid 3719] [client 194.233.73.179:55893] [client 194.233.73.179] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||grantcramer.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "grantcramer.com"] [uri "/site/default/settings.php.BAK"] [unique_id "ZtBF5HC2aiNiXCoYA9kM1QAAACI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-29 09:10:56
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 29 05:10:50.105605 2024] [security2:error] [pid 2939957:tid 2939957] [client 194.233.73.179:52764] [client 194.233.73.179] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||boat-registration-turkey.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "boat-registration-turkey.com"] [uri "/site/default/settings.php.BAK"] [unique_id "ZtA7Gn76H9e2gSCvCm6YQQAAAA8"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-29 06:50:08
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 29 02:50:00.316232 2024] [security2:error] [pid 11721:tid 11828] [client 194.233.73.179:61196] [client 194.233.73.179] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||certifiedprojectmanager.us|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "certifiedprojectmanager.us"] [uri "/site/default/settings.php.BAK"] [unique_id "ZtAaGE8pjRFX_IRgU0oStwAAAUg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-29 03:56:21
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 28 23:56:14.723659 2024] [security2:error] [pid 415558:tid 415565] [client 194.233.73.179:59257] [client 194.233.73.179] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||psychclinicforchange.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "psychclinicforchange.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Zs_xXjMmC_RwX0OH5s4atgAAAEQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-29 02:46:08
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 28 22:46:00.909856 2024] [security2:error] [pid 17569:tid 17569] [client 194.233.73.179:62957] [client 194.233.73.179] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||travelimts.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "travelimts.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Zs_g6AkHvacIpMbrP4AeBQAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-29 02:29:27
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 28 22:29:22.907985 2024] [security2:error] [pid 6758:tid 6758] [client 194.233.73.179:56051] [client 194.233.73.179] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bizzybeejunkremoval.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bizzybeejunkremoval.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Zs_dApomCkHRfpRundbASgAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-29 01:55:09
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 28 21:55:05.921982 2024] [security2:error] [pid 28043:tid 28043] [client 194.233.73.179:55128] [client 194.233.73.179] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||nealandmichaeleschon.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nealandmichaeleschon.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Zs_U-R0FSBdp_D9frTAQegAAABM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-29 01:19:11
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 28 21:19:06.004917 2024] [security2:error] [pid 15776:tid 15776] [client 194.233.73.179:59141] [client 194.233.73.179] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||libyagreenrecycling.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "libyagreenrecycling.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Zs_MiveEKzKTqirPD-dVmgAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-29 01:00:46
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 28 21:00:41.291469 2024] [security2:error] [pid 26626:tid 26626] [client 194.233.73.179:63784] [client 194.233.73.179] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||clearlightcarwash.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "clearlightcarwash.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Zs_IOQ7W6oOh-OPSIAmzDQAAABQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-29 00:15:34
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): ... show more (mod_security) mod_security (id:210730) triggered by 194.233.73.179 (vmi2007962.contaboserver.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 28 20:15:31.224971 2024] [security2:error] [pid 29091:tid 29091] [client 194.233.73.179:62257] [client 194.233.73.179] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||nolagardenmarket.com|F|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "nolagardenmarket.com"] [uri "/site/default/settings.php.BAK"] [unique_id "Zs-9o-EqliDpjeDFIDB93AAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack