Anonymous
2026-07-07 13:20:05
(1 day ago)
IP banned by Fail2Ban in jail wordpress
Web App Attack
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-07 13:18:37
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 103.253.203.199 (103.253.203.199.threesainfoway ...
show more
(mod_security) mod_security (id:240335) triggered by 103.253.203.199 (103.253.203.199.threesainfoway.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 09:18:28.871416 2026] [security2:error] [pid 14662:tid 14662] [client 103.253.203.199:61148] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.253.203.199 (+1 hits since last alert)|mindroothealth.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mindroothealth.com"] [uri "/xmlrpc.php"] [unique_id "akz8pC_Eff0X0Ae4BaSADQAAACk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 16:35:58
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 103.253.203.199 (103.253.203.199.threesainfoway ...
show more
(mod_security) mod_security (id:240335) triggered by 103.253.203.199 (103.253.203.199.threesainfoway.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 12:35:53.573247 2026] [security2:error] [pid 30246:tid 30246] [client 103.253.203.199:54414] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.253.203.199 (+1 hits since last alert)|calvarycavaliers.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "calvarycavaliers.org"] [uri "/xmlrpc.php"] [unique_id "akqH6YVfAhvFN0JVCRP92gAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-04 22:25:29
(3 days ago)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 15:18:01
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 103.253.203.199 (103.253.203.199.threesainfoway ...
show more
(mod_security) mod_security (id:240335) triggered by 103.253.203.199 (103.253.203.199.threesainfoway.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 11:17:57.735639 2026] [security2:error] [pid 5172:tid 5172] [client 103.253.203.199:55648] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.253.203.199 (+1 hits since last alert)|coolcustomproducts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "coolcustomproducts.com"] [uri "/xmlrpc.php"] [unique_id "akkkJQ0MT79thhpZOB3PvgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-04 11:58:25
(4 days ago)
(wordpress) Failed wordpress login from 103.253.203.199 (IN/India/103.253.203.199.threesainfoway.net ...
show more
(wordpress) Failed wordpress login from 103.253.203.199 (IN/India/103.253.203.199.threesainfoway.net)
show less
Brute-Force
๐ซ๐ท
Tilellit.PRO
2026-07-03 17:50:14
(4 days ago)
WooCommerce YITH AJAX Filder product_cat filter flood attempt with taxonomies
DDoS Attack
Bad Web Bot
๐ฆ๐บ
screwlooseit.com.au
2026-07-03 13:47:32
(5 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
IN/India/103.253.203.199.threesainfoway.net
Web App Attack
๐ฉ๐ช
Vegascosmetics
2026-07-03 10:37:42
(5 days ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security
DDoS Attack
Hacking
Exploited Host
Anonymous
2026-07-01 16:08:44
(1 week ago)
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 16:11:53
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 103.253.203.199 (103.253.203.199.threesainfoway ...
show more
(mod_security) mod_security (id:240335) triggered by 103.253.203.199 (103.253.203.199.threesainfoway.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 12:11:46.670141 2026] [security2:error] [pid 25705:tid 25705] [client 103.253.203.199:56781] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.253.203.199 (+1 hits since last alert)|kbalan.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kbalan.com"] [uri "/xmlrpc.php"] [unique_id "akPqwphoWJ0o6cl_ti5zlgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
WeekendWeb
2026-06-30 08:35:16
(1 week ago)
Wordpress Vunerability attack
Web App Attack