Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 47.121.128.180 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:240335) triggered by 47.121.128.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 10 03:25:21.501279 2024] [security2:error] [pid 27143:tid 27143] [client 47.121.128.180:54160] [client 47.121.128.180] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 47.121.128.180 (+1 hits since last alert)|www.indoorsfinishing.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.indoorsfinishing.com"] [uri "/xmlrpc.php"] [unique_id "ZrcV4S4Ml2yjqwDeB8hi5QAAAAc"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
octageeks.com
|
|
Wordpress malicious attack:[octa404]
|
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 47.121.128.180 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:240335) triggered by 47.121.128.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 19:53:25.937923 2024] [security2:error] [pid 5208:tid 5208] [client 47.121.128.180:55354] [client 47.121.128.180] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 47.121.128.180 (+1 hits since last alert)|www.localpetsitters.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.localpetsitters.com"] [uri "/xmlrpc.php"] [unique_id "Zrar9VMUGpv08ZO8JzLcXAAAABA"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 47.121.128.180 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:240335) triggered by 47.121.128.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 15:56:10.365449 2024] [security2:error] [pid 3332:tid 3332] [client 47.121.128.180:56870] [client 47.121.128.180] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 47.121.128.180 (+1 hits since last alert)|mouserart.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mouserart.com"] [uri "/xmlrpc.php"] [unique_id "ZrZ0WoN1lhZWhswCIDIzWAAAABM"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 47.121.128.180 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:240335) triggered by 47.121.128.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 12:12:14.767864 2024] [security2:error] [pid 31348:tid 31348] [client 47.121.128.180:47916] [client 47.121.128.180] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 47.121.128.180 (+1 hits since last alert)|www.j3pr.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.j3pr.com"] [uri "/xmlrpc.php"] [unique_id "ZrY_3kmuKN4soaJ25fb5GQAAABA"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 47.121.128.180 (-): 1 in the last 300 secs; Por ... show more(mod_security) mod_security (id:240335) triggered by 47.121.128.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 01:44:13.621219 2024] [security2:error] [pid 3057515:tid 3057524] [client 47.121.128.180:48914] [client 47.121.128.180] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 128.127.104.80 (0+1 hits since last alert)|www.rpiusa.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.rpiusa.net"] [uri "/xmlrpc.php"] [unique_id "ZrWsrQgreg0T5Cn1ciUX0AAAAUI"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
octageeks.com
|
|
Wordpress malicious attack:[octa404]
|
Web App Attack
|
|
octageeks.com
|
|
Wordpress malicious attack:[octa404]
|
Web App Attack
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
octageeks.com
|
|
Wordpress malicious attack:[octa404]
|
Web App Attack
|
|