oncord
|
|
Form spam
|
Web Spam
|
|
unifr
|
|
Unauthorized IMAP connection attempt
|
Brute-Force
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.86.202.33 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 45.86.202.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Oct 11 14:58:01.182861 2024] [security2:error] [pid 32624:tid 32624] [client 45.86.202.33:50581] [client 45.86.202.33] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||pellman-world.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pellman-world.com"] [uri "/old/sql.sql"] [unique_id "Zwl1ObHD9UvVeGnQ2vhNzgAAABE"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
KrisK
|
|
Brute force
|
Brute-Force
|
|
NOC ST
|
|
Oct 10 21:25:34 zimbramta01 postfix/submission/smtpd[11210]: warning: unknown[45.86.202.33]: SASL LO ... show moreOct 10 21:25:34 zimbramta01 postfix/submission/smtpd[11210]: warning: unknown[45.86.202.33]: SASL LOGIN authentication failed: authentication failure
Oct 10 21:25:34 zimbramta01 postfix/submission/smtpd[4715]: warning: unknown[45.86.202.33]: SASL LOGIN authentication failed: authentication failure
Oct 10 21:25:34 zimbramta01 postfix/submission/smtpd[4715]: warning: unknown[45.86.202.33]: SASL LOGIN authentication failed: authentication failure
... show less
|
Brute-Force
|
|
kkeyser
|
|
warning: unknown[45.86.202.33]: SASL LOGIN authentication failed: authentication failure
|
Brute-Force
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210492) triggered by 45.86.202.33 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210492) triggered by 45.86.202.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 10 02:10:31.135950 2024] [security2:error] [pid 9465:tid 9465] [client 45.86.202.33:14147] [client 45.86.202.33] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.freemanfoundationcle.org"] [uri "/.env"] [unique_id "Zwdv17g5Kn-Knmao8kH3MQAAAAE"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.86.202.33 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 45.86.202.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 14 00:27:01.625582 2024] [security2:error] [pid 3244:tid 3244] [client 45.86.202.33:20281] [client 45.86.202.33] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||pigspolygon.xyz|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "pigspolygon.xyz"] [uri "/old/www.sql"] [unique_id "ZrwyFYcWR3EfW_WyKz56rwAAAAc"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
Anonymous
|
|
"SQL-Injection"
|
Brute-Force
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.86.202.33 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:210730) triggered by 45.86.202.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 02 04:15:49.739935 2024] [security2:error] [pid 1858] [client 45.86.202.33:57301] [client 45.86.202.33] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||collectablecryptos.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "collectablecryptos.com"] [uri "/mysql.sql"] [unique_id "ZoO3NVh2zIDRUTQTXdnKJAAAAAo"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|