TPI-Abuse
2025-01-21 15:15:32
(4 days ago)
(mod_security) mod_security (id:210730) triggered by 52.112.92.65 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 52.112.92.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 21 10:15:25.571790 2025] [security2:error] [pid 7913:tid 7913] [client 52.112.92.65:32065] [client 52.112.92.65] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.cbcconsult.com|F|2"] [data ".com#[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.cbcconsult.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com#[email protected] "] [unique_id "Z4-6DaMJLDSLONX1BvRE7QAAAAY"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-19 18:46:27
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 52.112.92.65 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 52.112.92.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 19 13:46:21.649018 2024] [security2:error] [pid 28431:tid 28431] [client 52.112.92.65:11308] [client 52.112.92.65] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.feaverslane.com|F|2"] [data ".com#[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.feaverslane.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com#[email protected] "] [unique_id "Z2Rp_cKEuXw_5PbyDGeuhgAAAAE"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-12-08 20:58:34
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 52.112.92.65 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 52.112.92.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 08 15:58:30.219246 2024] [security2:error] [pid 22696:tid 22696] [client 52.112.92.65:23875] [client 52.112.92.65] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.johnrobinsonconsulting.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.johnrobinsonconsulting.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "Z1YIdquU-R8l4UlA06wyTgAAAAo"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-11-05 21:29:56
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 52.112.92.65 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 52.112.92.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 05 16:29:52.314999 2024] [security2:error] [pid 5786:tid 5786] [client 52.112.92.65:20613] [client 52.112.92.65] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.varalla.com|F|2"] [data ".com#[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.varalla.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com#[email protected] "] [unique_id "ZyqOUIc92Dg_p0xX8q7YUgAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-15 03:56:00
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 52.112.92.65 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 52.112.92.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 14 23:55:56.049763 2024] [security2:error] [pid 9849:tid 9849] [client 52.112.92.65:24640] [client 52.112.92.65] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.peaksalesnw.com|F|2"] [data ".com#[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.peaksalesnw.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com#[email protected] "] [unique_id "Zw3nzGyl7MH2b7sYODwKxAAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-10-10 23:08:28
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 52.112.92.65 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 52.112.92.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 10 19:08:24.351778 2024] [security2:error] [pid 7439:tid 7439] [client 52.112.92.65:6186] [client 52.112.92.65] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.georgelaceysales.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.georgelaceysales.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ZwheaKAuAF4O_i_-RHXJsAAAABA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-04-22 15:34:27
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 52.112.92.65 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 52.112.92.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 22 11:34:22.340463 2024] [security2:error] [pid 4957] [client 52.112.92.65:10880] [client 52.112.92.65] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.peaksalesnw.com|F|2"] [data ".com#[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.peaksalesnw.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com#[email protected] "] [unique_id "ZiaDfo-NsmDRaW2Fa6yXkgAAAAs"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2024-04-09 18:55:37
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 52.112.92.65 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 52.112.92.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 09 14:55:33.383823 2024] [security2:error] [pid 10358] [client 52.112.92.65:19009] [client 52.112.92.65] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.georgelaceysales.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.georgelaceysales.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ZhWPJWwiSPKaxQCRst1A7QAAAAA"] show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2023-12-31 20:36:16
(1 year ago)
(mod_security) mod_security (id:210730) triggered by 52.112.92.65 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 52.112.92.65 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 31 15:36:09.416503 2023] [security2:error] [pid 1830:tid 47012068374272] [client 52.112.92.65:25216] [client 52.112.92.65] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.sasintegrated.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.sasintegrated.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected] "] [unique_id "ZZHQuV_YHPdEerqfTpyhbwAAAAc"] show less
Brute-Force
Bad Web Bot
Web App Attack