TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 25 11:38:16.750518 2024] [security2:error] [pid 30661] [client 37.143.63.191:32817] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.cbcconsult.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.cbcconsult.com"] [uri "/wp-admin/"] [unique_id "ZgGaaDUMe5q6BzoB4YC3yQAAABk"], referer: http://www.cbcconsult.com/ show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 19 11:58:35.517990 2024] [security2:error] [pid 19129] [client 37.143.63.191:59191] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||revision.ws|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "revision.ws"] [uri "/wordpress/prompts-for-voice-and-style/"] [unique_id "Zfm2KwJqDv3gu6zPjUutkAAAABY"], referer: https://revision.ws/ show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 15 03:36:31.612484 2024] [security2:error] [pid 14170] [client 37.143.63.191:48945] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.bigchus.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.bigchus.com"] [uri "/wp-login.php"] [unique_id "ZfP6f2hqqMMKOH3g3RU1nwAAAEM"], referer: http://www.bigchus.com/ show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 23 10:48:43.741807 2024] [security2:error] [pid 22434] [client 37.143.63.191:60441] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.nancyscafeandcatering.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.nancyscafeandcatering.com"] [uri "/wp-content/themes/eatery/nav.php"] [unique_id "Zdi-W8NnRxGynTio5cW9GwAAABo"], referer: http://www.nancyscafeandcatering.com show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 24 18:32:36.245600 2024] [security2:error] [pid 19716] [client 37.143.63.191:57007] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||moversandshakers.org|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "moversandshakers.org"] [uri "/register/"] [unique_id "ZbGeFLMfbbDAi36VPzLrAwAAAAk"], referer: https://moversandshakers.org/ show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 24 05:00:51.345596 2024] [security2:error] [pid 25470] [client 37.143.63.191:39543] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||kotelbarmitzvah.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "kotelbarmitzvah.com"] [uri "/wp-login.php"] [unique_id "ZbDf0xWK5uAtci2QaI6CoAAAAAE"], referer: https://kotelbarmitzvah.com/ show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 21 13:14:22.245690 2024] [security2:error] [pid 31724:tid 47417068857088] [client 37.143.63.191:47489] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.duplexgoldmine.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.duplexgoldmine.com"] [uri "/wp-login.php"] [unique_id "Za1e_tE_0TjlbzVmlLuOMwAAAAk"], referer: https://www.duplexgoldmine.com/ show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 21 01:43:11.949019 2024] [security2:error] [pid 28128] [client 37.143.63.191:49899] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.purewildoregon.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.purewildoregon.com"] [uri "/wp-admin/admin-ajax.php"] [unique_id "Zay8_wrJxJ-b1qqyHTq-BwAAABc"], referer: https://www.purewildoregon.com/ show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210350) triggered by 37.143.63.191 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 20 17:50:16.233826 2024] [security2:error] [pid 7579] [client 37.143.63.191:26857] [client 37.143.63.191] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found||www.mountainjaytherapy.com|F|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.mountainjaytherapy.com"] [uri "/wp-admin/post.php"] [unique_id "ZaxOKH3TOUe-hqep5ofagQAAAAM"], referer: http://www.mountainjaytherapy.com/ show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TheMadBeaker
|
|
Fail2Ban Ban Triggered
Wordpress Attack Attempt
|
Brute-Force
Web App Attack
|
|