TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 19 22:48:32.891198 2024] [security2:error] [pid 724899:tid 724958] [client 45.91.20.19:16613] [client 45.91.20.19] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||dpscsde.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "dpscsde.com"] [uri "/old/www.sql"] [unique_id "ZsQEAOeUx3iqMXHuSc4zlgAAAU0"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 14 06:37:36.573638 2024] [security2:error] [pid 15439:tid 15439] [client 45.91.20.19:36575] [client 45.91.20.19] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||bitcoinsubscribers.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bitcoinsubscribers.com"] [uri "/old/backup.sql"] [unique_id "ZryI8I7XMYLzPdmVUil8-AAAAAk"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 14 06:19:12.196644 2024] [security2:error] [pid 12666:tid 12666] [client 45.91.20.19:18379] [client 45.91.20.19] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||pigspolygon.xyz|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pigspolygon.xyz"] [uri "/restore/dump.sql"] [unique_id "ZryEoEyG9hhchDMjk4BH0QAAABU"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 12 18:20:06.418969 2024] [security2:error] [pid 21720:tid 21720] [client 45.91.20.19:29387] [client 45.91.20.19] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||sailingcharterburma.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "sailingcharterburma.com"] [uri "/old/dump.sql"] [unique_id "ZrqKllOXwumentIMYfkjuQAAAAs"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210492) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 10 19:44:48.532258 2024] [security2:error] [pid 1900402:tid 1900402] [client 45.91.20.19:46807] [client 45.91.20.19] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.naturephotographyadventures.com"] [uri "/biodiane.htm/backup/sftp-config.json"] [unique_id "Zrf7cCz59nQbBtqXgUBckgAAAAA"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 10 19:22:27.039417 2024] [security2:error] [pid 25051:tid 25051] [client 45.91.20.19:47659] [client 45.91.20.19] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||mapleleaf-marketing.com|F|2"] [data ".dat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mapleleaf-marketing.com"] [uri "/bak/wallet.dat"] [unique_id "Zrf2M4Ec46SPz1zhY4NWWgAAAAA"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
| Suspicious URL access.
|
Hacking
SQL Injection
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210492) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 02 16:55:31.068213 2024] [security2:error] [pid 15347] [client 45.91.20.19:21137] [client 45.91.20.19] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "towlesilvapsychotherapy.com"] [uri "/sftp-config.json"] [unique_id "ZoRpQyNXPruuKo5WdiBGjwAAAAY"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 02 03:50:08.073621 2024] [security2:error] [pid 1415] [client 45.91.20.19:27107] [client 45.91.20.19] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||collectablecryptos.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "collectablecryptos.com"] [uri "/restore/mysql.sql"] [unique_id "ZoOxMHsmbAl5ef4jNZakugAAAAM"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210492) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 01 21:53:50.934251 2024] [security2:error] [pid 3609] [client 45.91.20.19:63937] [client 45.91.20.19] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mjkhan.com"] [uri "/sftp-config.json"] [unique_id "ZoNdriCW5wHfLXpwAWkDeQAAAAw"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
10dencehispahard SL
|
|
Unauthorized login attempts [ spamlogs]
|
Brute-Force
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210492) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 05 15:00:16.777124 2024] [security2:error] [pid 27092] [client 45.91.20.19:18189] [client 45.91.20.19] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jeromebrownmba.com"] [uri "/bak/.env"] [unique_id "ZcE-UH0Wv3_COmczMm9rsQAAABo"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210730) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 23 08:48:38.744930 2024] [security2:error] [pid 32527:tid 47148297291520] [client 45.91.20.19:31537] [client 45.91.20.19] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||blastfuturepress.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "blastfuturepress.com"] [uri "/backup/www.sql"] [unique_id "Za_Dto1CtBXmC1rwH7j_GwAAAIg"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: ... show more(mod_security) mod_security (id:210492) triggered by 45.91.20.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 22 12:03:33.714481 2024] [security2:error] [pid 23151] [client 45.91.20.19:2473] [client 45.91.20.19] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "equine-essence.com"] [uri "/old/sftp-config.json"] [unique_id "Za6f5QhXno6h5Rtus7j3mQAAABs"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
unifr
|
|
Unauthorized IMAP connection attempt
|
Brute-Force
|
|