TPI-Abuse
2024-12-03 20:20:06
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:440:f6f8:c001:1001:a83:3d36 (Unknown): ... show more (mod_security) mod_security (id:210730) triggered by 2001:67c:440:f6f8:c001:1001:a83:3d36 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 03 15:19:57.041292 2024] [security2:error] [pid 25378:tid 25378] [client 2001:67c:440:f6f8:c001:1001:a83:3d36:35828] [client 2001:67c:440:f6f8:c001:1001:a83:3d36] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||comerceclips.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "comerceclips.com"] [uri "/mailto:[email protected] "] [unique_id "Z09n7cWqZ3eh3K51b8PRRAAAABo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-03 05:22:47
(3 days ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:440:f6f8:c001:1001:a83:3d36 (Unknown): ... show more (mod_security) mod_security (id:210730) triggered by 2001:67c:440:f6f8:c001:1001:a83:3d36 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 03 00:22:41.123267 2024] [security2:error] [pid 18640:tid 18640] [client 2001:67c:440:f6f8:c001:1001:a83:3d36:55414] [client 2001:67c:440:f6f8:c001:1001:a83:3d36] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||terrybeachmusic.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "terrybeachmusic.com"] [uri "/mailto:[email protected] "] [unique_id "Z06VodN4S5CFwPsKbVPfxgAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
Mehmet_The_Script_Kiddie
2024-12-02 01:34:51
(4 days ago)
POST /admin-login.php HTTP/1.1
Bad Web Bot
Web App Attack
conseilgouz
2024-11-30 08:51:36
(5 days ago)
sie-Joomla Authentification : try to force the door...
Hacking
mawan
2024-11-29 15:03:00
(6 days ago)
Suspected of having performed illicit activity on LAX server.
Web App Attack
RLDD
2024-11-29 00:47:40
(1 week ago)
WP probing -nov
Web App Attack
TPI-Abuse
2024-11-28 14:31:18
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:440:f6f8:c001:1001:a83:3d36 (Unknown): ... show more (mod_security) mod_security (id:210730) triggered by 2001:67c:440:f6f8:c001:1001:a83:3d36 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 28 09:31:13.077803 2024] [security2:error] [pid 18001:tid 18001] [client 2001:67c:440:f6f8:c001:1001:a83:3d36:53470] [client 2001:67c:440:f6f8:c001:1001:a83:3d36] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||kristywernerauthor.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kristywernerauthor.com"] [uri "/mailto:[email protected] "] [unique_id "Z0h-sSzFit-MCbRl5yZxMgAAAAM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-28 01:46:36
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:440:f6f8:c001:1001:a83:3d36 (Unknown): ... show more (mod_security) mod_security (id:210730) triggered by 2001:67c:440:f6f8:c001:1001:a83:3d36 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 27 20:46:30.375979 2024] [security2:error] [pid 10650:tid 10650] [client 2001:67c:440:f6f8:c001:1001:a83:3d36:34256] [client 2001:67c:440:f6f8:c001:1001:a83:3d36] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||pfqfcic.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pfqfcic.org"] [uri "/mailto:[email protected] "] [unique_id "Z0fLdhvY4zAlHBYoCA_AnQAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
conseilgouz
2024-11-27 15:21:58
(1 week ago)
scw-Joomla User : try to access forms...
Hacking
advena
2024-11-27 02:45:57
(1 week ago)
2001:67c:440:f6f8:c001:1001:a83:3d36 (AS57944 IPC-AS) was intercepted at 2024-11-27T02:35:21Z after ... show more 2001:67c:440:f6f8:c001:1001:a83:3d36 (AS57944 IPC-AS) was intercepted at 2024-11-27T02:35:21Z after violating WAF directive: d0380eeb922844b5b69152600cea062c. Pre-cautionary/corrective action applied: block. show less
Web Spam
Hacking
Brute-Force
Web App Attack
LRob.fr
2024-11-26 16:45:07
(1 week ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
TPI-Abuse
2024-11-26 12:17:22
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:440:f6f8:c001:1001:a83:3d36 (Unknown): ... show more (mod_security) mod_security (id:210730) triggered by 2001:67c:440:f6f8:c001:1001:a83:3d36 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 26 07:17:16.788126 2024] [security2:error] [pid 13554:tid 13554] [client 2001:67c:440:f6f8:c001:1001:a83:3d36:35992] [client 2001:67c:440:f6f8:c001:1001:a83:3d36] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||healthfacilityconsulting.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "healthfacilityconsulting.com"] [uri "/mailto:[email protected] "] [unique_id "Z0W8TOrWQVHaqFm_9fZXsQAAAAI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-24 22:56:59
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:440:f6f8:c001:1001:a83:3d36 (Unknown): ... show more (mod_security) mod_security (id:210730) triggered by 2001:67c:440:f6f8:c001:1001:a83:3d36 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 24 17:56:50.031618 2024] [security2:error] [pid 10909:tid 10909] [client 2001:67c:440:f6f8:c001:1001:a83:3d36:42170] [client 2001:67c:440:f6f8:c001:1001:a83:3d36] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||brbvip.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "brbvip.com"] [uri "/mailto:[email protected] "] [unique_id "Z0OvMqIGmR1Ue7QdHT5EvwAAAAw"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-24 03:03:30
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:440:f6f8:c001:1001:a83:3d36 (Unknown): ... show more (mod_security) mod_security (id:210730) triggered by 2001:67c:440:f6f8:c001:1001:a83:3d36 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 23 22:03:25.777084 2024] [security2:error] [pid 11375:tid 11427] [client 2001:67c:440:f6f8:c001:1001:a83:3d36:57484] [client 2001:67c:440:f6f8:c001:1001:a83:3d36] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||360degreevalue.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "360degreevalue.com"] [uri "/mailto:[email protected] "] [unique_id "Z0KXfcbRydLhO52WTUd6twAAAdU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-24 02:30:38
(1 week ago)
(mod_security) mod_security (id:210730) triggered by 2001:67c:440:f6f8:c001:1001:a83:3d36 (Unknown): ... show more (mod_security) mod_security (id:210730) triggered by 2001:67c:440:f6f8:c001:1001:a83:3d36 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 23 21:30:29.229653 2024] [security2:error] [pid 25475:tid 25475] [client 2001:67c:440:f6f8:c001:1001:a83:3d36:57666] [client 2001:67c:440:f6f8:c001:1001:a83:3d36] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||polish-boat-registration.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "polish-boat-registration.com"] [uri "/mailto:[email protected] "] [unique_id "Z0KPxSwWO-jY8-QsVJhfzwAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack