๐บ๐ธ
TPI-Abuse
2026-07-07 14:36:04
(2 days ago)
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 10:35:58.052783 2026] [security2:error] [pid 12138:tid 12138] [client 52.123.183.78:10304] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.cmcnow.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.cmcnow.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com"] [unique_id "ak0OzsvT6W9PMhcsltA_nAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-16 03:50:27
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 23:50:22.720217 2026] [security2:error] [pid 29937:tid 29937] [client 52.123.183.78:34305] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.feaverslane.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.feaverslane.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com"] [unique_id "ajDH_l9PLs7bwLOYCW5SqwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-24 17:06:21
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 24 13:06:17.370031 2026] [security2:error] [pid 1061565:tid 1061565] [client 52.123.183.78:63680] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.cbcconsult.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.cbcconsult.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com"] [unique_id "aeujCQxAUkowhVqrmlou8gAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-30 11:36:48
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 07:36:42.263790 2026] [security2:error] [pid 10433:tid 10433] [client 52.123.183.78:60291] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.feaverslane.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.feaverslane.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com"] [unique_id "acpgSh66GFLG7Vdti9VkoQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-03-11 05:35:35
(3 months ago)
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 11 01:35:31.803474 2026] [security2:error] [pid 21767:tid 21767] [client 52.123.183.78:20420] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.st-johns.us|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.st-johns.us"] [uri "/autodiscover/autodiscover.json/v1.0/live.com"] [unique_id "abD_Ix-Bi25n590laJEECQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-28 20:22:21
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 28 15:22:16.989967 2026] [security2:error] [pid 491:tid 513] [client 52.123.183.78:9282] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.sasintegrated.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.sasintegrated.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com"] [unique_id "aaNOeNvPEQ1D_zlH8uxHKQAAAIE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-26 18:59:47
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 26 13:59:40.604401 2026] [security2:error] [pid 27957:tid 27957] [client 52.123.183.78:12868] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.cmcnow.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.cmcnow.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com"] [unique_id "aaCYHK783IwEL6BWZjoYpQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-20 19:07:15
(4 months ago)
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 14:07:10.407043 2026] [security2:error] [pid 28739:tid 28739] [client 52.123.183.78:26693] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.cbcconsult.com|F|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.cbcconsult.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com"] [unique_id "aZiw3kmTigLm8fOwDLeZ7wAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-16 20:12:26
(5 months ago)
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jan 16 15:12:22.619093 2026] [security2:error] [pid 11967:tid 11967] [client 52.123.183.78:64066] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.feaverslane.com|F|2"] [data ".com#[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.feaverslane.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com#[email protected] "] [unique_id "aWqbpiSjfwVFub0d8YOb2gAAACo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-01-08 19:38:58
(6 months ago)
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 08 14:38:51.979647 2026] [security2:error] [pid 3453:tid 3453] [client 52.123.183.78:55297] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.cbcconsult.com|F|2"] [data ".com#[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.cbcconsult.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com#[email protected] "] [unique_id "aWAHy1iKygYx1BqTiMdCXgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-11-06 14:58:32
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 06 09:58:25.150499 2025] [security2:error] [pid 8085:tid 8085] [client 52.123.183.78:51265] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.cmcnow.com|F|2"] [data ".com#[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.cmcnow.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com#[email protected] "] [unique_id "aQy3kVTo6rda4XsbSAIQ1wAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-30 15:24:22
(8 months ago)
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 30 11:24:18.824293 2025] [security2:error] [pid 10551:tid 10551] [client 52.123.183.78:21505] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.varalla.com|F|2"] [data ".com#[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.varalla.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com#[email protected] "] [unique_id "aQODIssJHuzqhXUeeNTQ-wAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-10-02 17:03:48
(9 months ago)
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 02 13:03:41.303914 2025] [security2:error] [pid 11716:tid 11716] [client 52.123.183.78:5123] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.feaverslane.com|F|2"] [data ".com#[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.feaverslane.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com#[email protected] "] [unique_id "aN6wbU82GguovYEf1g0NtwAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-08-20 20:27:48
(10 months ago)
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 20 16:27:40.983580 2025] [security2:error] [pid 21693:tid 21693] [client 52.123.183.78:7105] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.cbcconsult.com|F|2"] [data ".com#[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.cbcconsult.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com#[email protected] "] [unique_id "aKYvvMRsRfPcXRKQEiZZbwAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2025-07-21 15:48:23
(11 months ago)
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210730) triggered by 52.123.183.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 21 11:48:17.037324 2025] [security2:error] [pid 15660:tid 15660] [client 52.123.183.78:7171] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy||autodiscover.varalla.com|F|2"] [data ".com#[email protected] "] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.varalla.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com#[email protected] "] [unique_id "aH5hQTSPoYXPiaviLc41_AAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack