TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 28 10:33:00.571234 2024] [security2:error] [pid 2694:tid 2694] [client 37.143.63.191:62901] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.powerkiteforum.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.powerkiteforum.com"] [uri "/member.php"] [unique_id "ZqZWnKYiueMaNekfeS4aKQAAAAo"], referer: http://www.powerkiteforum.com/member.php?action=reg show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 13 16:12:08.428840 2024] [security2:error] [pid 27833] [client 37.143.63.191:58583] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.accpp.link|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.accpp.link"] [uri "/"] [unique_id "ZpLfmPg9QqPwy1xQCzN65QAAAAU"], referer: http://www.accpp.link show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
oncord
|
|
Form spam
|
Web Spam
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 09 09:13:22.477755 2024] [security2:error] [pid 30102] [client 37.143.63.191:65259] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.global3darts.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.global3darts.com"] [uri "/wp-login.php"] [unique_id "Zo03crk9UeapMOw9YPmkLAAAAAA"], referer: https://www.global3darts.com/ show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 07 06:37:02.311700 2024] [security2:error] [pid 19766] [client 37.143.63.191:42423] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||denvercitymotorparts.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "denvercitymotorparts.com"] [uri "/wp-login.php"] [unique_id "Zopvzkx5lhsLZPJYx-LmKAAAAAk"], referer: http://denvercitymotorparts.com/wp-login.php show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
10dencehispahard SL
|
|
Unauthorized login attempts [ accesslogs]
|
Brute-Force
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 04 10:44:21.776733 2024] [security2:error] [pid 11550] [client 37.143.63.191:56821] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||borzois.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "borzois.com"] [uri "/zoibib.html"] [unique_id "Zoa1RXZ7UcgFYgJSy4us7gAAAAE"], referer: http://borzois.com/zoibib.html show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 03 03:24:08.476107 2024] [security2:error] [pid 4113] [client 37.143.63.191:51221] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||iconconstructors.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "iconconstructors.com"] [uri "/wp-login.php"] [unique_id "ZoT8mOw0oj94zFjA9d9TLAAAABE"], referer: http://iconconstructors.com/ show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 01 18:00:58.066844 2024] [security2:error] [pid 23032:tid 47340794210048] [client 37.143.63.191:45849] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.psds.link.omegaoak.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.psds.link.omegaoak.com"] [uri "/"] [unique_id "ZoMnGhkx4bFwv80aArLX8QAAAIc"], referer: http://www.psds.link.omegaoak.com/ show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 01 07:45:15.435233 2024] [security2:error] [pid 31014] [client 37.143.63.191:59095] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.bikinitweets.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.bikinitweets.com"] [uri "/wp-login.php"] [unique_id "ZoKWywucgX0CBaWj40-zUgAAAA8"], referer: http://www.bikinitweets.com/ show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 24 17:55:31.245878 2024] [security2:error] [pid 23178] [client 37.143.63.191:41495] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||sadisticserena.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "sadisticserena.com"] [uri "/forum/profile.php"] [unique_id "ZnnrU_N8Stlc5Y95734K0gAAAAE"], referer: http://sadisticserena.com/ show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|