TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 223.74.157.90 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:240335) triggered by 223.74.157.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 15 07:47:12.091391 2024] [security2:error] [pid 15334:tid 15334] [client 223.74.157.90:17064] [client 223.74.157.90] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 223.74.157.90 (+1 hits since last alert)|www.thomasgardner.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.thomasgardner.com"] [uri "/xmlrpc.php"] [unique_id "Zr3qwLxvABmFUt13LpZdhAAAAAw"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
spyra.rocks
|
|
WordPress Backend Shield
|
Web App Attack
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
Anonymous
|
|
(wordpress) Failed wordpress login from 223.74.157.90 (CN/China/-)
|
Brute-Force
|
|
Anonymous
|
|
|
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 223.74.157.90 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:240335) triggered by 223.74.157.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 10 09:24:39.923738 2024] [security2:error] [pid 20902:tid 20902] [client 223.74.157.90:13555] [client 223.74.157.90] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 223.74.157.90 (+1 hits since last alert)|www.nuewines.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.nuewines.com"] [uri "/xmlrpc.php"] [unique_id "ZrdqF1gnvGlkKqbZk8Hd_QAAAAE"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 223.74.157.90 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:240335) triggered by 223.74.157.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 02:09:52.011816 2024] [security2:error] [pid 5639:tid 5639] [client 223.74.157.90:12665] [client 223.74.157.90] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 223.74.157.90 (+1 hits since last alert)|lemoulinavent.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lemoulinavent.org"] [uri "/xmlrpc.php"] [unique_id "ZrWysF_Vo2Awso-4YYKTMwAAAAs"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 223.74.157.90 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:240335) triggered by 223.74.157.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 01:17:35.548385 2024] [security2:error] [pid 23005:tid 23028] [client 223.74.157.90:16709] [client 223.74.157.90] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 223.74.157.90 (+1 hits since last alert)|www.annacaird.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.annacaird.com"] [uri "/xmlrpc.php"] [unique_id "ZrWmb42MJMaiOb0IuFVa3QAAAVU"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 223.74.157.90 (-): 1 in the last 300 secs; Port ... show more(mod_security) mod_security (id:240335) triggered by 223.74.157.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Aug 08 19:50:57.826066 2024] [security2:error] [pid 21820:tid 21820] [client 223.74.157.90:13085] [client 223.74.157.90] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 223.74.157.90 (+1 hits since last alert)|chicagoinquirer.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "chicagoinquirer.com"] [uri "/xmlrpc.php"] [unique_id "ZrVZ4eoseoFuxPSy8GYcmgAAAAY"] show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|