octageeks.com
2025-01-16 05:15:16
(12 hours ago)
Wordpress malicious attack:[octawpauthor]
Web App Attack
TPI-Abuse
2025-01-16 03:45:33
(14 hours ago)
(mod_security) mod_security (id:240335) triggered by 104.28.226.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 104.28.226.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 15 22:45:26.196292 2025] [security2:error] [pid 7873:tid 7873] [client 104.28.226.7:44464] [client 104.28.226.7] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.28.226.7 (+1 hits since last alert)|thenursingsite.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thenursingsite.com"] [uri "/xmlrpc.php"] [unique_id "Z4iA1uwx8uNJ0rVaCw71EQAAACs"], referer: https://thenursingsite.com/xmlrpc.php show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-01-16 01:08:09
(16 hours ago)
(xmlrpc) Failed wordpress XMLRPC 104.28.226.7 (US/United States/-)
Brute-Force
Kenshin869
2025-01-15 23:12:53
(18 hours ago)
Wordpress unauthorized access attempt
Brute-Force
exxos
2025-01-15 22:47:19
(19 hours ago)
web exploit attacks
Web App Attack
TPI-Abuse
2025-01-15 22:36:08
(19 hours ago)
(mod_security) mod_security (id:240335) triggered by 104.28.226.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 104.28.226.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 15 17:36:00.818158 2025] [security2:error] [pid 29150:tid 29150] [client 104.28.226.7:44375] [client 104.28.226.7] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.28.226.7 (+1 hits since last alert)|salernospizza.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "salernospizza.com"] [uri "/xmlrpc.php"] [unique_id "Z4g4UIc1rx8OwyCUxyzAwgAAAAI"], referer: https://salernospizza.com/xmlrpc.php show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-01-15 20:37:27
(21 hours ago)
Action: Block, Reason: DDOS attack detected
DDoS Attack
MAGIC
2025-01-15 17:10:29
(1 day ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
Anonymous
2025-01-15 17:09:08
(1 day ago)
apache vulnerability scan
Web App Attack
TPI-Abuse
2025-01-15 17:05:19
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 104.28.226.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 104.28.226.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 15 12:05:16.158078 2025] [security2:error] [pid 8910:tid 8910] [client 104.28.226.7:44327] [client 104.28.226.7] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.28.226.7 (+1 hits since last alert)|rblep.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rblep.com"] [uri "/xmlrpc.php"] [unique_id "Z4fqzMkxL7XKwFnZgBsQOQAAABk"], referer: http://rblep.com/xmlrpc.php show less
Brute-Force
Bad Web Bot
Web App Attack
TPI-Abuse
2025-01-15 15:03:52
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 104.28.226.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 104.28.226.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 15 10:03:46.312838 2025] [security2:error] [pid 7605:tid 7613] [client 104.28.226.7:44352] [client 104.28.226.7] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.28.226.7 (+1 hits since last alert)|www.busybeerestaurant.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.busybeerestaurant.com"] [uri "/xmlrpc.php"] [unique_id "Z4fOUhgox3ArvdS_evGu1QAAAMY"], referer: https://www.busybeerestaurant.com/xmlrpc.php show less
Brute-Force
Bad Web Bot
Web App Attack
packets-decreaser.net
2025-01-15 14:10:52
(1 day ago)
Incoming Layer 7 Flood Detected
DDoS Attack
Web Spam
selahattinalan
2025-01-15 09:49:10
(1 day ago)
7/Jan/2025:21:43:57 +0300104.28.226.7 - - [15/Jan/2025:12:49:09 +0300] "GET /xmlrpc.php HTTP/1.1" 40 ... show more 7/Jan/2025:21:43:57 +0300104.28.226.7 - - [15/Jan/2025:12:49:09 +0300] "GET /xmlrpc.php HTTP/1.1" 404 4202 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Firefox/45.0" show less
Brute-Force
Anonymous
2025-01-15 09:00:20
(1 day ago)
Trawling for Open Source CMS installs
Hacking
Brute-Force
TPI-Abuse
2025-01-15 07:55:13
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 104.28.226.7 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:240335) triggered by 104.28.226.7 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jan 15 02:55:06.330130 2025] [security2:error] [pid 27090:tid 27090] [client 104.28.226.7:44367] [client 104.28.226.7] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 104.28.226.7 (+1 hits since last alert)|grabagame.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "grabagame.com"] [uri "/xmlrpc.php"] [unique_id "Z4dp2iaLjA8-0diEDfTmsgAAAAg"], referer: https://grabagame.com/xmlrpc.php show less
Brute-Force
Bad Web Bot
Web App Attack