TPI-Abuse
2024-10-01 18:39:02
(5 days ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 01 14:38:55.644328 2024] [security2:error] [pid 12489:tid 12489] [client 2a0b:f4c2:3::80:43909] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||unladenswallow.us|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "unladenswallow.us"] [uri "/unladenswallo.sql"] [unique_id "ZvxBv02IT4bqaXiy25cu_gAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-29 22:38:16
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 29 18:38:11.588062 2024] [security2:error] [pid 26095:tid 26112] [client 2a0b:f4c2:3::80:64521] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||strengthsmatter.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "strengthsmatter.com"] [uri "/gthsmatter.sql"] [unique_id "ZtD4UwBuczZSxBxA8dnBJwAAAM4"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-29 21:51:13
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 29 17:51:06.261665 2024] [security2:error] [pid 8167:tid 8167] [client 2a0b:f4c2:3::80:19845] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.writebetweenthelines.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.writebetweenthelines.com"] [uri "/ritebetweenthelines.sql"] [unique_id "ZtDtSoIvBGAAN4m8jakU2AAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-18 21:28:07
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 18 17:28:00.922201 2024] [security2:error] [pid 3717:tid 3717] [client 2a0b:f4c2:3::80:64683] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.wilsontribe.org"] [uri "/.git/config"] [unique_id "ZsJnYPdUs40EerCzdMSC_gAAAAQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-18 04:06:19
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 18 00:06:11.416862 2024] [security2:error] [pid 18930:tid 18930] [client 2a0b:f4c2:3::80:49845] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.jimhermelband.com"] [uri "/.git/config"] [unique_id "ZsFzMwAl6soE5p_JVtvBoQAAAAU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-18 03:08:55
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 17 23:08:50.321662 2024] [security2:error] [pid 12605:tid 12605] [client 2a0b:f4c2:3::80:6087] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.pghboug.org"] [uri "/.git/config"] [unique_id "ZsFlwgWrRFMxgyheNWH8ggAAABY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-14 02:09:51
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Aug 13 22:09:44.208014 2024] [security2:error] [pid 2183:tid 2183] [client 2a0b:f4c2:3::80:2245] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||starvationacres.us|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "starvationacres.us"] [uri "/starvat.sql"] [unique_id "ZrwR6IIW9e5CJw1v_1Op1gAAAA0"] show less
Brute-Force
Bad Web Bot
Web App Attack
cmbplf
2024-08-07 11:29:23
(1 month ago)
636 requests to */xmlrpc.php
Brute-Force
Bad Web Bot
TPI-Abuse
2024-08-06 02:04:16
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 22:04:12.048415 2024] [security2:error] [pid 4789:tid 4789] [client 2a0b:f4c2:3::80:49417] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.z-mgmt.com"] [uri "/.git/config"] [unique_id "ZrGEnIuYPudPPXG0-FupUwAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-06 01:29:21
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 21:29:13.883121 2024] [security2:error] [pid 4973:tid 4973] [client 2a0b:f4c2:3::80:19685] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.gemexpressions.com"] [uri "/.git/config"] [unique_id "ZrF8afjAIpMUG7fcFFY1wgAAABQ"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-08-06 01:01:06
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 05 21:00:59.563004 2024] [security2:error] [pid 14811:tid 14811] [client 2a0b:f4c2:3::80:17297] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.haywardcarpentry.com"] [uri "/.git/config"] [unique_id "ZrF1y_yPq_eERTfVxfI0MgAAABM"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-30 12:48:47
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 30 08:48:43.627201 2024] [security2:error] [pid 7692:tid 7692] [client 2a0b:f4c2:3::80:40897] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.tntgrafix.com"] [uri "/.git/config"] [unique_id "ZqjhK2ogIjdP18PRvWfUagAAABI"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-30 09:55:21
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 30 05:55:14.333799 2024] [security2:error] [pid 29178:tid 29178] [client 2a0b:f4c2:3::80:44933] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.windisfun.com"] [uri "/.git/config"] [unique_id "Zqi4grsqkA2Lp8L588892wAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-28 12:21:13
(2 months ago)
(mod_security) mod_security (id:240000) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:240000) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 28 08:21:07.620012 2024] [security2:error] [pid 13791:tid 13791] [client 2a0b:f4c2:3::80:36881] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||www.jwwsb.jaspercity.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "www.jwwsb.jaspercity.com"] [uri "/images/stories/up.php"] [unique_id "ZqY3s5W5lnWEtPBwKjDHJwAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-07-28 01:34:19
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 27 21:34:14.009127 2024] [security2:error] [pid 29692:tid 29692] [client 2a0b:f4c2:3::80:5021] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jesussotoca.com"] [uri "/wp-config.bak"] [unique_id "ZqWgFqF4wm0jgyEammddnwAAABw"] show less
Brute-Force
Bad Web Bot
Web App Attack