๐บ๐ธ
TPI-Abuse
2026-07-09 11:39:25
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 103.241.82.39 (39.82.241.103-pnq.gazonindia.com ...
show more
(mod_security) mod_security (id:240335) triggered by 103.241.82.39 (39.82.241.103-pnq.gazonindia.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 07:39:20.013280 2026] [security2:error] [pid 26797:tid 26797] [client 103.241.82.39:59304] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.241.82.39 (+1 hits since last alert)|slimlaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "slimlaw.com"] [uri "/xmlrpc.php"] [unique_id "ak-IaPg59VU_yV2dVTV6ggAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 09:13:45
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 103.241.82.39 (39.82.241.103-pnq.gazonindia.com ...
show more
(mod_security) mod_security (id:240335) triggered by 103.241.82.39 (39.82.241.103-pnq.gazonindia.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 05:13:39.947653 2026] [security2:error] [pid 22157:tid 22157] [client 103.241.82.39:54856] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.241.82.39 (+1 hits since last alert)|pearlhomesfw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pearlhomesfw.com"] [uri "/xmlrpc.php"] [unique_id "ak9mQyLxnEfGa8rXTGTdiwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 05:55:15
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 103.241.82.39 (39.82.241.103-pnq.gazonindia.com ...
show more
(mod_security) mod_security (id:240335) triggered by 103.241.82.39 (39.82.241.103-pnq.gazonindia.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 01:55:11.707522 2026] [security2:error] [pid 28214:tid 28214] [client 103.241.82.39:54808] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.241.82.39 (+1 hits since last alert)|apexhumanoidrobots.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "apexhumanoidrobots.com"] [uri "/xmlrpc.php"] [unique_id "ak83v8NPclzwDDnLgqq9YgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-09 04:16:10
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ซ๐ฎ
YF
2026-07-06 16:00:26
(4 days ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐ซ๐ท
dynamix
2026-07-06 15:41:22
(4 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 08:39:42
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 103.241.82.39 (39.82.241.103-pnq.gazonindia.com ...
show more
(mod_security) mod_security (id:240335) triggered by 103.241.82.39 (39.82.241.103-pnq.gazonindia.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 04:39:38.381144 2026] [security2:error] [pid 32406:tid 32406] [client 103.241.82.39:51142] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.241.82.39 (+1 hits since last alert)|abcollie.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "abcollie.com"] [uri "/xmlrpc.php"] [unique_id "akoYSpqmpkdKsP1NVz4FGwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 04:42:51
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 103.241.82.39 (39.82.241.103-pnq.gazonindia.com ...
show more
(mod_security) mod_security (id:240335) triggered by 103.241.82.39 (39.82.241.103-pnq.gazonindia.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 00:42:45.373456 2026] [security2:error] [pid 17072:tid 17072] [client 103.241.82.39:55694] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.241.82.39 (+1 hits since last alert)|metcomarine.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "metcomarine.com"] [uri "/xmlrpc.php"] [unique_id "akiPRZhOw-FZd3JuJn7lTgAAAEs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-03 10:15:00
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-07-03 08:06:04
(1 week ago)
Trying to access config files
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 15:02:37
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 103.241.82.39 (39.82.241.103-pnq.gazonindia.com ...
show more
(mod_security) mod_security (id:240335) triggered by 103.241.82.39 (39.82.241.103-pnq.gazonindia.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 11:02:31.321484 2026] [security2:error] [pid 4278:tid 4278] [client 103.241.82.39:62416] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.241.82.39 (+1 hits since last alert)|tenmenband.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tenmenband.com"] [uri "/xmlrpc.php"] [unique_id "akKJB7TXbYtBgl0arlpoyAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 06:52:22
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 103.241.82.39 (39.82.241.103-pnq.gazonindia.com ...
show more
(mod_security) mod_security (id:240335) triggered by 103.241.82.39 (39.82.241.103-pnq.gazonindia.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 02:52:18.152994 2026] [security2:error] [pid 16498:tid 16498] [client 103.241.82.39:62869] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.241.82.39 (+1 hits since last alert)|barecreationsaz.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "barecreationsaz.com"] [uri "/xmlrpc.php"] [unique_id "akIWIom3h-D8YP4rA5HV5AAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-12-10 12:01:04
(7 months ago)
botnet
DDoS Attack