sms.ru
|
|
SMS pumping attack from foreign country
|
DDoS Attack
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
Brute-Force
SSH
SSH
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
Brute-Force
SSH
SSH
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 193.203.11.206 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:225170) triggered by 193.203.11.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 04 03:24:54.291041 2024] [security2:error] [pid 1788025] [client 193.203.11.206:51045] [client 193.203.11.206] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||loneoakhoney.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "loneoakhoney.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Zl7BRpBTKfnq1rXC6QkIewAAAAw"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 193.203.11.206 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:225170) triggered by 193.203.11.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 02 16:53:51.136887 2024] [security2:error] [pid 31639] [client 193.203.11.206:61745] [client 193.203.11.206] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eta-mct.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eta-mct.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Zlzb37nLOYbb7IUHFuZqigAAAA0"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 193.203.11.206 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:225170) triggered by 193.203.11.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 02 08:41:21.744568 2024] [security2:error] [pid 576013] [client 193.203.11.206:31611] [client 193.203.11.206] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||eb5coalition.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "eb5coalition.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ZlxocXEwJcg_pdYRIakIRgAAAB0"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 193.203.11.206 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:225170) triggered by 193.203.11.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 01 22:36:28.353181 2024] [security2:error] [pid 31222:tid 47138445530880] [client 193.203.11.206:60999] [client 193.203.11.206] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||dejacats.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dejacats.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZlvarLe_n7VGwIwRQaQNGwAAAMI"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 193.203.11.206 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:225170) triggered by 193.203.11.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 31 22:11:35.052961 2024] [security2:error] [pid 2623] [client 193.203.11.206:36431] [client 193.203.11.206] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||bundrenfarmstn.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bundrenfarmstn.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZlqDV0_q8wgcobgHLN8hKwAAAAw"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 193.203.11.206 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:225170) triggered by 193.203.11.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 31 01:40:09.037225 2024] [security2:error] [pid 18304] [client 193.203.11.206:43887] [client 193.203.11.206] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||asapsmogcheck.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "asapsmogcheck.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZlliucfPbDGyeoItPGk_IQAAAA0"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 193.203.11.206 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:225170) triggered by 193.203.11.206 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 30 12:08:03.097829 2024] [security2:error] [pid 28834] [client 193.203.11.206:62669] [client 193.203.11.206] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||advantagesystemsgroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "advantagesystemsgroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZlikYyMABUgnrfhn14Ve2QAAABM"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
10dencehispahard SL
|
|
Unauthorized login attempts [ wordpress-xmlrpc]
|
Brute-Force
Web App Attack
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|