DO Ideas 2

Look into this

Category: Intrusion Prevention
Date & Time,Risk,Activity,Status,Recommended Action,IPS Alert Name,Default Action,Action Taken,Attacking Computer,Attacker URL,Destination Address,Source Address,Traffic Description
7/27/2017 8:33:10 AM,High,An intrusion attempt by server1.weclickyouclicktoday.com was blocked.,Blocked,No Action Required,Web Attack: Fake Tech Support Website 62,No Action Required,No Action Required,"server1.weclickyouclicktoday.com (138.197.58.142, 80)","server1.weclickyouclicktoday.com/?a=AZ&pagex=13&s1=NzgbhEL7STRsus_PdpMcyKjjQEvIBj_d1nekdFEfGGdxsykiJ1EOp5eq9CbsDYpEPR1KwU7fdA_YgVzKJDV_Ww,,&os=Windows&browser=Chrome&isp=Att Internet Services&ip=104.53.170.149","DESKTOP-7TFUTU7 (192.168.1.69, 58079)",server1.weclickyouclicktoday.com (138.197.58.142),"TCP, www-http"
Network traffic from <b>server1.weclickyouclicktoday.com/?a=AZ&pagex=13&s1=NzgbhEL7STRsus_PdpMcyKjjQEvIBj_d1nekdFEfGGdxsykiJ1EOp5eq9CbsDYpEPR1KwU7fdA_YgVzKJDV_Ww,,&os=Windows&browser=Chrome&isp=Att Internet Services&ip=104.53.170.149</b> matches the signature of a known attack. The attack was resulted from \DEVICE\HARDDISKVOLUME2\PROGRAM FILES (X86)\GOOGLE\CHROME\APPLICATION\CHROME.EXE. To stop being notified for this type of traffic, in the <b>Actions</b> panel, click <b>Stop Notifying Me</b>.

  • Myron O Rogers
  • Sep 11 2018
  • Attach files