Marc
|
|
|
Brute-Force
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 223.74.157.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 19 09:39:39.305073 2024] [security2:error] [pid 13834:tid 13834] [client 223.74.157.70:33201] [client 223.74.157.70] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 223.74.157.70 (+1 hits since last alert)|www.arthouse-creative.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.arthouse-creative.com"] [uri "/xmlrpc.php"] [unique_id "Zuwpm8OncACm42mH_SpzNQAAAAg"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 223.74.157.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 19 05:04:06.712600 2024] [security2:error] [pid 22263:tid 22263] [client 223.74.157.70:10608] [client 223.74.157.70] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 223.74.157.70 (+1 hits since last alert)|blindshine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "blindshine.com"] [uri "/xmlrpc.php"] [unique_id "ZuvpBjDcb84yTaI3AaS0kQAAAA4"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
lewisakura
|
|
223.74.157.70 - - [19/Sep/2024:01:44:29 +0000] "POST /wp-login.php HTTP/1.1" 404 156 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36"
223.74.157.70 - - [19/Sep/2024:02:18:27 +0000] "POST /wp-login.php HTTP/1.1" 404 156 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36"
|
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
apache-wordpress-login
|
Brute-Force
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 223.74.157.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 17 22:33:44.861473 2024] [security2:error] [pid 15894:tid 15894] [client 223.74.157.70:25652] [client 223.74.157.70] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 223.74.157.70 (+1 hits since last alert)|www.beatthegm.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.beatthegm.com"] [uri "/xmlrpc.php"] [unique_id "Zuo8COm681QXgaUuWfGu3QAAAAQ"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 223.74.157.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 17 17:18:30.137130 2024] [security2:error] [pid 27619:tid 27619] [client 223.74.157.70:10670] [client 223.74.157.70] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 223.74.157.70 (+1 hits since last alert)|procigar.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "procigar.com"] [uri "/xmlrpc.php"] [unique_id "ZunyJvdm7vFQ1lVb-s0WwQAAAAo"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 223.74.157.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 17 16:16:27.983090 2024] [security2:error] [pid 30279:tid 30279] [client 223.74.157.70:25605] [client 223.74.157.70] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 223.74.157.70 (+1 hits since last alert)|www.goldcountrygermanamericanclub.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.goldcountrygermanamericanclub.org"] [uri "/xmlrpc.php"] [unique_id "Zunjm4hMB9KrwTO0-hE5UgAAACQ"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 223.74.157.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 17 15:31:33.542672 2024] [security2:error] [pid 2766:tid 2766] [client 223.74.157.70:25961] [client 223.74.157.70] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 223.74.157.70 (+1 hits since last alert)|lemoulinavent.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lemoulinavent.org"] [uri "/xmlrpc.php"] [unique_id "ZunZFUbh0zEB8kuAcjIx7QAAACE"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 223.74.157.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 17 12:09:13.002286 2024] [security2:error] [pid 25924:tid 25924] [client 223.74.157.70:25611] [client 223.74.157.70] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 223.74.157.70 (+1 hits since last alert)|www.rockinr.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.rockinr.org"] [uri "/xmlrpc.php"] [unique_id "ZumpqPYAPnzqCbmPu6_k3AAAAAY"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 223.74.157.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 17 00:16:33.073648 2024] [security2:error] [pid 1179:tid 1179] [client 223.74.157.70:25829] [client 223.74.157.70] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 223.74.157.70 (+1 hits since last alert)|www.fgrotary.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.fgrotary.org"] [uri "/xmlrpc.php"] [unique_id "ZukCoWximsMmu-MNIyPJ3QAAAAY"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 223.74.157.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 15 19:49:43.654100 2024] [security2:error] [pid 23610:tid 23610] [client 223.74.157.70:10624] [client 223.74.157.70] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 223.74.157.70 (+1 hits since last alert)|artisvilla.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "artisvilla.com"] [uri "/xmlrpc.php"] [unique_id "Zudyl79-qmPhTeVEKJHMsgAAAAQ"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 223.74.157.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 15 15:42:54.202854 2024] [security2:error] [pid 3802242:tid 3802250] [client 223.74.157.70:25511] [client 223.74.157.70] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.152.187.215 (1+1 hits since last alert)|www.rawhabitat.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.rawhabitat.com"] [uri "/xmlrpc.php"] [unique_id "Zuc4vl43v58XGh0ucO9OOgAAAAY"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 223.74.157.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 15 06:02:51.440027 2024] [security2:error] [pid 8128:tid 8128] [client 223.74.157.70:25661] [client 223.74.157.70] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 223.74.157.70 (+1 hits since last alert)|chicagoinquirer.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "chicagoinquirer.com"] [uri "/xmlrpc.php"] [unique_id "Zuawy-o181mKjjT9IFcpEQAAAA8"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 223.74.157.70 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 14 23:45:52.016965 2024] [security2:error] [pid 4129:tid 4129] [client 223.74.157.70:25918] [client 223.74.157.70] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 223.74.157.70 (+1 hits since last alert)|www.profitablepurposes.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.profitablepurposes.com"] [uri "/xmlrpc.php"] [unique_id "ZuZYcLYPbhNbTHmTjE982QAAAAY"]
|
Brute-Force
Bad Web Bot
Web App Attack
|
|