rtbh.com.tr
|
|
list.rtbh.com.tr report: tcp/0
|
Brute-Force
|
|
rtbh.com.tr
|
|
list.rtbh.com.tr report: tcp/0
|
Brute-Force
|
|
WeekendWeb
|
|
Wordpress Vunerability attack
|
Web App Attack
|
|
Progetto1
|
|
Website Scanning / Scraping
|
Bad Web Bot
Exploited Host
Web App Attack
|
|
rtbh.com.tr
|
|
list.rtbh.com.tr report: tcp/0
|
Brute-Force
|
|
Tha_14
|
|
Limit on login attempts is reached
|
Brute-Force
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 1.12.232.221 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:240335) triggered by 1.12.232.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 12 21:15:16.616741 2024] [security2:error] [pid 18944:tid 18944] [client 1.12.232.221:34682] [client 1.12.232.221] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 1.12.232.221 (+1 hits since last alert)|kinderland-preschool.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kinderland-preschool.com"] [uri "/xmlrpc.php"] [unique_id "ZzQLtONOWfJ0AT9kFM_dmgAAAA4"], referer: https://kinderland-preschool.com/xmlrpc.php show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
rtbh.com.tr
|
|
list.rtbh.com.tr report: tcp/0
|
Brute-Force
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 1.12.232.221 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:240335) triggered by 1.12.232.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 12 14:14:28.917773 2024] [security2:error] [pid 359755:tid 359755] [client 1.12.232.221:40680] [client 1.12.232.221] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 1.12.232.221 (+1 hits since last alert)|www.mainefirst.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.mainefirst.org"] [uri "/xmlrpc.php"] [unique_id "ZzOpFP5XWKltrcLcdnr-EwAAAAk"], referer: https://www.mainefirst.org/xmlrpc.php show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
rtbh.com.tr
|
|
list.rtbh.com.tr report: tcp/0
|
Brute-Force
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 1.12.232.221 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:240335) triggered by 1.12.232.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 11 11:13:08.190713 2024] [security2:error] [pid 14611:tid 14611] [client 1.12.232.221:55394] [client 1.12.232.221] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 1.12.232.221 (+1 hits since last alert)|www.bostonlog.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.bostonlog.com"] [uri "/xmlrpc.php"] [unique_id "ZzItFIXcgwbaUSb5NgLzGAAAAAY"], referer: https://www.bostonlog.com/xmlrpc.php show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 1.12.232.221 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:240335) triggered by 1.12.232.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 11 10:19:54.188728 2024] [security2:error] [pid 7337:tid 7337] [client 1.12.232.221:54312] [client 1.12.232.221] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 1.12.232.221 (+1 hits since last alert)|www.soacademy.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.soacademy.org"] [uri "/xmlrpc.php"] [unique_id "ZzIgmg3e9mRUHHzQ55dG1QAAAAQ"], referer: http://www.soacademy.org/xmlrpc.php show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 1.12.232.221 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:240335) triggered by 1.12.232.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 11 01:13:11.974624 2024] [security2:error] [pid 28685:tid 28685] [client 1.12.232.221:55140] [client 1.12.232.221] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 1.12.232.221 (+1 hits since last alert)|cosplayculture.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cosplayculture.com"] [uri "/xmlrpc.php"] [unique_id "ZzGgd6mrYBhighGdGYe8LQAAABQ"], referer: https://cosplayculture.com/xmlrpc.php show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 1.12.232.221 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:240335) triggered by 1.12.232.221 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 19:21:26.737525 2024] [security2:error] [pid 15685:tid 15685] [client 1.12.232.221:59922] [client 1.12.232.221] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 1.12.232.221 (+1 hits since last alert)|www.fetchamreadingroom.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.fetchamreadingroom.org"] [uri "/xmlrpc.php"] [unique_id "ZzFOBmiIMuRT_YuhyK8K_wAAAAg"], referer: https://www.fetchamreadingroom.org/xmlrpc.php show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|