๐บ๐ธ
TPI-Abuse
2026-07-02 04:24:45
(1 hour ago)
(mod_security) mod_security (id:240335) triggered by 103.2.134.42 (node-103-2-134-42.alliancebroadba ...
show more
(mod_security) mod_security (id:240335) triggered by 103.2.134.42 (node-103-2-134-42.alliancebroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 00:24:41.993554 2026] [security2:error] [pid 30388:tid 30388] [client 103.2.134.42:60771] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.2.134.42 (+1 hits since last alert)|natickvillagerentals.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "natickvillagerentals.com"] [uri "/xmlrpc.php"] [unique_id "akXoCTDjiXpIpyXWOS7VogAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
YF
2026-07-02 04:10:11
(1 hour ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐ฆ๐บ
clapper
2026-07-01 10:54:22
(18 hours ago)
(mod_security) mod_security (id:350202) triggered by 103.2.134.42 (IN/India/node-103-2-134-42.allian ...
show more
(mod_security) mod_security (id:350202) triggered by 103.2.134.42 (IN/India/node-103-2-134-42.alliancebroadband.in): 5 in the last 600 secs; ID: rub
show less
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-01 10:23:04
(19 hours ago)
(mod_security) mod_security (id:240335) triggered by 103.2.134.42 (node-103-2-134-42.alliancebroadba ...
show more
(mod_security) mod_security (id:240335) triggered by 103.2.134.42 (node-103-2-134-42.alliancebroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 06:22:55.509793 2026] [security2:error] [pid 26374:tid 26374] [client 103.2.134.42:53880] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.2.134.42 (+1 hits since last alert)|snowrideadventures.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "snowrideadventures.com"] [uri "/xmlrpc.php"] [unique_id "akTqf_sciRWJI3rIskDg-AAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-01 09:51:53
(19 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-06-27 08:15:50
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 103.2.134.42 (node-103-2-134-42.alliancebroadba ...
show more
(mod_security) mod_security (id:240335) triggered by 103.2.134.42 (node-103-2-134-42.alliancebroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 04:15:44.006761 2026] [security2:error] [pid 22658:tid 22658] [client 103.2.134.42:64253] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.2.134.42 (+1 hits since last alert)|cynosurehomeservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cynosurehomeservices.com"] [uri "/xmlrpc.php"] [unique_id "aj-GsLYTtX7LPZdlbDK_1wAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 06:43:11
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 103.2.134.42 (node-103-2-134-42.alliancebroadba ...
show more
(mod_security) mod_security (id:240335) triggered by 103.2.134.42 (node-103-2-134-42.alliancebroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 02:43:04.262914 2026] [security2:error] [pid 15185:tid 15185] [client 103.2.134.42:51668] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.2.134.42 (+1 hits since last alert)|tracytappan.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tracytappan.net"] [uri "/xmlrpc.php"] [unique_id "aj9w-AzucVPi2pR6EsQ66QAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-06-27 04:16:33
(5 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
IN/India/node-103-2-134-42.alliancebroadband.in
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 12:07:41
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 103.2.134.42 (node-103-2-134-42.alliancebroadba ...
show more
(mod_security) mod_security (id:240335) triggered by 103.2.134.42 (node-103-2-134-42.alliancebroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 08:07:36.955075 2026] [security2:error] [pid 14378:tid 14378] [client 103.2.134.42:59731] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.2.134.42 (+1 hits since last alert)|modalguitarist.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "modalguitarist.com"] [uri "/xmlrpc.php"] [unique_id "aj5riA5qT8iBBCDP0ZOolQAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 10:42:06
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 103.2.134.42 (node-103-2-134-42.alliancebroadba ...
show more
(mod_security) mod_security (id:240335) triggered by 103.2.134.42 (node-103-2-134-42.alliancebroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 06:41:58.457598 2026] [security2:error] [pid 15402:tid 15402] [client 103.2.134.42:49468] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.2.134.42 (+1 hits since last alert)|nekstlevel.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nekstlevel.com"] [uri "/xmlrpc.php"] [unique_id "aj5Xdu7-guKY3RmKE1GamAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-06-26 07:10:12
(5 days ago)
(wordpress) Failed wordpress login from 103.2.134.42 (IN/India/node-103-2-134-42.alliancebroadband.i ...
show more
(wordpress) Failed wordpress login from 103.2.134.42 (IN/India/node-103-2-134-42.alliancebroadband.in)
show less
Brute-Force
๐ณ๐ฑ
Site.eu
2026-06-26 06:42:30
(5 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ง๐ช
cmbplf
2026-06-26 05:33:41
(6 days ago)
3.289 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-26 05:28:30
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 103.2.134.42 (node-103-2-134-42.alliancebroadba ...
show more
(mod_security) mod_security (id:240335) triggered by 103.2.134.42 (node-103-2-134-42.alliancebroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 01:28:22.802751 2026] [security2:error] [pid 11746:tid 11746] [client 103.2.134.42:63189] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.2.134.42 (+1 hits since last alert)|mjkhan.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mjkhan.com"] [uri "/xmlrpc.php"] [unique_id "aj4N9jW3P39KUwm8-TTbdAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-26 04:25:48
(6 days ago)
Bad Web Bot
Web App Attack