Anonymous
|
|
Ports: 143,993; Direction: 0; Trigger: LF_DISTATTACK
|
Brute-Force
SSH
|
|
Dolphi
|
|
POST //xmlrpc.php
|
Brute-Force
Web App Attack
|
|
Anonymous
|
|
(wordpress) Failed wordpress login from 45.89.242.171 (GB/United Kingdom/-)
|
Brute-Force
|
|
cmbplf
|
|
1.765 requests to */xmlrpc.php
|
Brute-Force
Bad Web Bot
|
|
mnsf
|
|
Too many Status 40X (18)
|
Brute-Force
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:225170) triggered by 45.89.242.171 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:225170) triggered by 45.89.242.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 06 08:21:15.196147 2024] [security2:error] [pid 2278343:tid 2278343] [client 45.89.242.171:41325] [client 45.89.242.171] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||peterjohnsonauthor.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "peterjohnsonauthor.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z1L6Szn_Nap-ieQmDM8xnAAAAAI"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
mnsf
|
|
Too many Status 40X (19)
|
Brute-Force
Web App Attack
|
|
rshict
|
|
Hacking, Brute-Force, Web App Attack
|
Hacking
Brute-Force
Web App Attack
|
|
Dolphi
|
|
POST //xmlrpc.php
|
Brute-Force
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.89.242.171 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210730) triggered by 45.89.242.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 02:28:07.469923 2024] [security2:error] [pid 20381:tid 20381] [client 45.89.242.171:25099] [client 45.89.242.171] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||russiacoin.info|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "russiacoin.info"] [uri "/www.sql"] [unique_id "ZzBghzlTcCgqmpUO6KQW3gAAAAM"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
wordpress-trap
|
Web App Attack
|
|
unifr
|
|
Unauthorized IMAP connection attempt
|
Brute-Force
|
|
FireballDWF
|
|
404 NOT FOUND
|
Web App Attack
|
|
MAGIC
|
|
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
|
DDoS Attack
Bad Web Bot
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:210730) triggered by 45.89.242.171 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:210730) triggered by 45.89.242.171 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 09 14:06:07.295323 2024] [security2:error] [pid 4296] [client 45.89.242.171:53745] [client 45.89.242.171] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.nationalenq.com|F|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.nationalenq.com"] [uri "/bak/www.sql"] [unique_id "Zo18D7Q-eatFPeIBslYEmgAAABs"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|