TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 07 04:46:06.458838 2024] [security2:error] [pid 21262:tid 21262] [client 194.5.82.66:22151] [client 194.5.82.66] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.nebraskaadaptivesports.org|F|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.nebraskaadaptivesports.org"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "ZtwSznCRbSI0qDLWhsgUHQAAAAc"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 25 20:27:50.128837 2024] [security2:error] [pid 23165:tid 23165] [client 194.5.82.66:11383] [client 194.5.82.66] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||sites.caribbeancoders.com|F|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sites.caribbeancoders.com"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "ZsvMBnySWLrKSVCSjvsdagAAAAo"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 25 11:16:35.596509 2024] [security2:error] [pid 2814:tid 2814] [client 194.5.82.66:8245] [client 194.5.82.66] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||cagri.lobibilisim.com|F|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "cagri.lobibilisim.com"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "ZstK03wjO6fyYxNtmv8oFgAAAA8"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 22 19:46:58.448549 2024] [security2:error] [pid 32482:tid 32482] [client 194.5.82.66:2893] [client 194.5.82.66] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.entetanimiento.com|F|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.entetanimiento.com"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "ZsfN8vFmFnf364OYiNhHbQAAAAU"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 06 19:27:00.734344 2024] [security2:error] [pid 2109125:tid 2109125] [client 194.5.82.66:46759] [client 194.5.82.66] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.greatwesternfirearms.deubellzebub.com|F|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.greatwesternfirearms.deubellzebub.com"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "ZrKxRET-K0StZgwciQjqJQAAAA0"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 03 11:50:49.582034 2024] [security2:error] [pid 10384:tid 10420] [client 194.5.82.66:33347] [client 194.5.82.66] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.danbressler.pwrcoupling.com|F|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.danbressler.pwrcoupling.com"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "Zq5R2bGVcCCeznq67YsmCgAAANg"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 03 10:39:52.855332 2024] [security2:error] [pid 1725000:tid 1725006] [client 194.5.82.66:44193] [client 194.5.82.66] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||aaadatacom.digital4z.com|F|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "aaadatacom.digital4z.com"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "Zq5BODZqPkArE2mMZ29O6QAAAEQ"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 28 09:24:45.386963 2024] [security2:error] [pid 10685:tid 47133334034176] [client 194.5.82.66:28643] [client 194.5.82.66] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bullfrogsmusic.com|F|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bullfrogsmusic.com"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "Zn65nc3diaRf2JmTf0onCAAAAUc"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 27 02:32:28.340077 2024] [security2:error] [pid 22444] [client 194.5.82.66:4387] [client 194.5.82.66] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||hwy251.com|F|2"] [data ".web.ui.webresource.axd"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "hwy251.com"] [uri "/Telerik.Web.UI.WebResource.axd"] [unique_id "Zn0HfF3u0fljlM7dUyxjlgAAAAg"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:217280) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:217280) triggered by 194.5.82.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 19 15:13:34.455136 2024] [security2:error] [pid 29999] [client 194.5.82.66:24957] [client 194.5.82.66] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\n|\\\\r)+(?:get|post|head|options|connect|put|delete|trace|propfind|propatch|mkcol|copy|move|lock|unlock)\\\\s+" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "137"] [id "217280"] [rev "6"] [msg "COMODO WAF: HTTP Request Smuggling Attack||networkingpeak.com|F|2"] [data "Matched Data: get found within MATCHED_VAR"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "networkingpeak.com"] [uri "/contact.html"] [unique_id "ZiLCXtipqiFlYLOG-Sc7jQAAAA0"], referer: http://networkingpeak.com/contact.html show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
oncord
|
|
Form spam
|
Web Spam
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
akasolutions.de
|
|
(wordpress) Failed wordpress login from 194.5.82.66 (SG/Singapore/-)
|
Brute-Force
|
|