TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 11 03:30:43.621697 2024] [security2:error] [pid 11344:tid 11344] [client 45.66.230.26:55605] [client 45.66.230.26] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||northernohiotra.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "northernohiotra.com"] [uri "/notra/mailto:[email protected]"] [unique_id "ZzHAs6hLOMBGaQvvnHyiWwAAAAg"], referer: http://northernohiotra.com//mailto:[email protected]?subject=Error%20message%20[404]%20(none)%20for%20northernohiotra.com/notra/%20port%2080%20on%20Monday,%2011-Nov-2024%2003:30:43%20EST%27 show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
octageeks.com
|
|
Wordpress malicious attack:[octa404]
|
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 20:34:04.260193 2024] [security2:error] [pid 14876:tid 14910] [client 45.66.230.26:62294] [client 45.66.230.26] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||adetnw.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "adetnw.com"] [uri "/mailto:[email protected]"] [unique_id "ZzFfDIojM-3Vt2FessCOCQAAAUM"], referer: http://adetnw.com//mailto:[email protected]?Subject=From%20Adetnw%27 show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 12:31:41.678555 2024] [security2:error] [pid 13801:tid 13801] [client 45.66.230.26:53332] [client 45.66.230.26] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||teds-labs.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "teds-labs.com"] [uri "/labs/indexlabs.html/mailto:[email protected]"] [unique_id "ZzDt_aKlsuVw1lSRcOKlBAAAAAw"], referer: http://teds-labs.com//mailto:[email protected]?subject=Error%20message%20[404]%20(none)%20for%20teds-labs.com/labs/indexlabs.html%20port%2080%20on%20Sunday,%2010-Nov-2024%2012:31:41%20EST%27 show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 08:18:41.098053 2024] [security2:error] [pid 25269:tid 25269] [client 45.66.230.26:53593] [client 45.66.230.26] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||homeschoolwv.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "homeschoolwv.com"] [uri "/mailto:[email protected]"] [unique_id "ZzCysfbCBtsL-O1-nl4C3gAAAAg"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 06:30:08.802881 2024] [security2:error] [pid 12492:tid 12575] [client 45.66.230.26:60097] [client 45.66.230.26] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||patzersprogress.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "patzersprogress.com"] [uri "/patzer/mailto:[email protected]"] [unique_id "ZzCZQBOqq0vjmy7bEORf8gAAAQQ"], referer: http://patzersprogress.com//mailto:[email protected]?subject=Error%20message%20[404]%20(none)%20for%20patzersprogress.com/patzer/%20port%2080%20on%20Sunday,%2010-Nov-2024%2006:30:08%20EST%27 show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 06:08:02.347449 2024] [security2:error] [pid 19827:tid 19827] [client 45.66.230.26:63345] [client 45.66.230.26] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||robk64.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "robk64.com"] [uri "/mailto:[email protected]"] [unique_id "ZzCUEttv4JS-TMwf2XVJ6QAAAA0"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 05:35:16.913318 2024] [security2:error] [pid 29935:tid 29935] [client 45.66.230.26:61920] [client 45.66.230.26] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||lifestrong.com|F|2"] [data "[email protected]"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lifestrong.com"] [uri "/mailto:[email protected]"] [unique_id "ZzCMZB-0dxuTlrANGg-G8QAAAAw"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 05:05:52.931536 2024] [security2:error] [pid 871021:tid 871021] [client 45.66.230.26:64939] [client 45.66.230.26] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||revidiego.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "revidiego.com"] [uri "/mailto:[email protected]"] [unique_id "ZzCFgE1gvFZHo9MCFR4fOAAAABQ"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 03:38:27.544491 2024] [security2:error] [pid 1968769:tid 1968769] [client 45.66.230.26:55106] [client 45.66.230.26] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||verventdft.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "verventdft.com"] [uri "/mailto:[email protected]"] [unique_id "ZzBxA7gmugdzCKFVaIw-NgAAABA"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 02:47:17.077357 2024] [security2:error] [pid 30745:tid 30745] [client 45.66.230.26:60399] [client 45.66.230.26] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||infoagogo.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "infoagogo.com"] [uri "/noodlerama/INFOaGoGo/mailto:[email protected]"] [unique_id "ZzBlBe4hR2nhtdig1m3nwgAAAAw"], referer: http://infoagogo.com//mailto:[email protected]?subject=Error%20message%20[404]%20(none)%20for%20infoagogo.com/noodlerama/INFOaGoGo%20port%2080%20on%20Sunday,%2010-Nov-2024%2002:47:16%20EST%27 show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 20:47:03.661299 2024] [security2:error] [pid 16760:tid 16760] [client 45.66.230.26:65068] [client 45.66.230.26] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||jeanassemat.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "jeanassemat.com"] [uri "/mailto:[email protected]"] [unique_id "ZzAQl64aQ2B-KxhZxgrUlAAAABM"], referer: http://jeanassemat.com//mailto:[email protected]?Subject=Contact%20Web%27 show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 20:09:18.110627 2024] [security2:error] [pid 26894:tid 26894] [client 45.66.230.26:57663] [client 45.66.230.26] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||lindercrossing.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "lindercrossing.com"] [uri "/parked/mailto:[email protected]"] [unique_id "ZzAHvkuXbLJ5vT1bjeGvhwAAAAw"], referer: http://lindercrossing.com//mailto:[email protected]?subject=Error%20message%20[404]%20(none)%20for%20lindercrossing.com/parked%20port%2080%20on%20Saturday,%2009-Nov-2024%2020:09:17%20EST%27 show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 45.66.230.26 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 09 19:52:24.489453 2024] [security2:error] [pid 991072:tid 991072] [client 45.66.230.26:63443] [client 45.66.230.26] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||encorejamfest.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "encorejamfest.com"] [uri "/info/jamfest/mailto:[email protected]"] [unique_id "ZzADyPVxE9m9nhZtUtjgbQAAAAE"], referer: http://encorejamfest.com//mailto:[email protected]?subject=Error%20message%20[404]%20(none)%20for%20encorejamfest.com/info/jamfest/%20port%2080%20on%20Saturday,%2009-Nov-2024%2019:52:24%20EST%27 show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|