TPI-Abuse
2024-04-08 00:37:48
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 07 20:37:41.631191 2024] [security2:error] [pid 1787340] [client 2a0b:f4c2:3::80:46561] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||rcjlawfirm.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "rcjlawfirm.com"] [uri "/wp.sql"] [unique_id "ZhM8VYivSifCZZi9tuuKpQAAABE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-03-28 17:48:42
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 28 13:48:36.294867 2024] [security2:error] [pid 8305] [client 2a0b:f4c2:3::80:9659] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.athletestandard.com"] [uri "/.git/config"] [unique_id "ZgWtdHpkBRdqARDagewoSgAAABY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-03-21 08:33:10
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 21 04:33:03.711698 2024] [security2:error] [pid 31276] [client 2a0b:f4c2:3::80:18129] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.mariannehansen.com"] [uri "/.git/config"] [unique_id "Zfvwv5uzSEmVQrlaGqogVAAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-03-21 00:39:57
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 20 20:39:50.194352 2024] [security2:error] [pid 19615] [client 2a0b:f4c2:3::80:61825] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.survivalaikido.com"] [uri "/.git/config"] [unique_id "ZfuB1u0qlBJwTVF7ugOqIAAAAA4"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-03-17 15:47:17
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 17 11:46:48.091753 2024] [security2:error] [pid 23918:tid 47453298521856] [client 2a0b:f4c2:3::80:58589] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.wizart.org"] [uri "/.git/config"] [unique_id "ZfcQaAaPIzgTC6ClHJaxKAAAABU"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-03-13 21:02:13
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210492) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 13 17:02:06.036028 2024] [security2:error] [pid 32620:tid 47322713077504] [client 2a0b:f4c2:3::80:55409] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ipv6.abney.info"] [uri "/.git/config"] [unique_id "ZfIUTriqOmfc257lOG1fIgAAAI0"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-02-25 01:31:52
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 24 20:31:44.959337 2024] [security2:error] [pid 30830] [client 2a0b:f4c2:3::80:3215] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||player-care.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "player-care.com"] [uri "/mailto:[email protected] "] [unique_id "ZdqYgJv6kF3VhXvFAkwesgAAABg"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-02-05 07:36:01
(7 months ago)
(mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 se ... show more (mod_security) mod_security (id:210730) triggered by 2a0b:f4c2:3::80 (Unknown): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 05 02:35:56.629204 2024] [security2:error] [pid 28009] [client 2a0b:f4c2:3::80:43655] [client 2a0b:f4c2:3::80] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||burke698.org|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "burke698.org"] [uri "/cubscouts/mailto:[email protected] "] [unique_id "ZcCP3LjSXih1OzDGwdjecAAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack
Sofibox Cyberwatch
2022-03-02 19:58:10
(2 years ago)
[bad_ip: 2a0b:f4c2:0003:0000:0000:0000:0000:0080 [alert_level: High Risk [inbound(1)+outbound(0): 1 ... show more [bad_ip: 2a0b:f4c2:0003:0000:0000:0000:0000:0080 [alert_level: High Risk [inbound(1)+outbound(0): 1 [target_port: 443 [class: Misc Attack [msg: ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 630 [csf_block_status: ip-already-blocked [blcheck_ip_score: 100% (0/196) [blcheck_domain: "" [blcheck_comment: "blcheck IPv4+IPv6 scanner v0.7.8 @ github.com/sofibox/blcheck" [log_suspicious_score: nil% [mod_security_alert: false show less
Hacking
Buster
2022-01-30 17:00:11
(2 years ago)
Attack attempts from Perm Blocked ASN & country
Hacking
Brute-Force
Web App Attack