๐บ๐ธ
TPI-Abuse
2026-07-07 10:12:36
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 103.28.114.6 (host-103-28-114-6.ldp.net.id): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 103.28.114.6 (host-103-28-114-6.ldp.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 06:12:30.758847 2026] [security2:error] [pid 1046:tid 1046] [client 103.28.114.6:54244] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.28.114.6 (+1 hits since last alert)|soundtrax.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "soundtrax.net"] [uri "/xmlrpc.php"] [unique_id "akzRDloTSOHfdECmiAANJAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 09:43:56
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 103.28.114.6 (host-103-28-114-6.ldp.net.id): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 103.28.114.6 (host-103-28-114-6.ldp.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 05:43:44.594161 2026] [security2:error] [pid 20628:tid 20628] [client 103.28.114.6:60568] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.28.114.6 (+1 hits since last alert)|goldcountrygermanamericanclub.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "goldcountrygermanamericanclub.org"] [uri "/xmlrpc.php"] [unique_id "akzKULRs-M8rw1CEmpQzdQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 21:42:05
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 103.28.114.6 (host-103-28-114-6.ldp.net.id): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 103.28.114.6 (host-103-28-114-6.ldp.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 17:41:58.421172 2026] [security2:error] [pid 25986:tid 25986] [client 103.28.114.6:53728] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.28.114.6 (+1 hits since last alert)|f40ph.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "f40ph.org"] [uri "/xmlrpc.php"] [unique_id "akwhJoF_OVped9uKWmKGdwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
alferez
2026-07-06 19:08:30
(2 days ago)
Multiple WP Login Attack
Brute-Force
Anonymous
2026-07-06 16:02:10
(2 days ago)
Attac
Brute-Force
Anonymous
2026-07-05 15:46:40
(3 days ago)
Attac
Brute-Force
๐บ๐ธ
WeekendWeb
2026-07-05 11:06:26
(3 days ago)
Wordpress Vunerability attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 11:21:03
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 103.28.114.6 (host-103-28-114-6.ldp.net.id): 1 ...
show more
(mod_security) mod_security (id:240335) triggered by 103.28.114.6 (host-103-28-114-6.ldp.net.id): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 07:20:55.248095 2026] [security2:error] [pid 5026:tid 5026] [client 103.28.114.6:60476] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.28.114.6 (+1 hits since last alert)|aifactoid.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "aifactoid.com"] [uri "/xmlrpc.php"] [unique_id "akebF2lSmkFh0f5R855W_QAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Vegascosmetics
2026-06-22 05:52:40
(2 weeks ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security
DDoS Attack
Hacking
Exploited Host
๐จ๐ญ
backslash
2025-12-19 14:40:21
(6 months ago)
block ruleset DA4A07AEE48B136A3922182BE8AA8BFBC1840803
Bad Web Bot
๐จ๐ฟ
antihack.anarchista.xyz
2023-11-03 14:00:37
(2 years ago)
"Failed password for invalid user ssh2,hack script-phyton"
Brute-Force
SSH
๐ต๐ฑ
ChillScanner
2022-06-18 06:39:12
(4 years ago)
2 probe(s) @ TCP(445)
Port Scan
๐ฒ๐พ
syokadmin
2021-06-08 02:53:20
(5 years ago)
(mod_security) mod_security (id:949110) triggered by 103.28.114.6 (ID/Indonesia/host-103-28-114-6.ld ...
show more
(mod_security) mod_security (id:949110) triggered by 103.28.114.6 (ID/Indonesia/host-103-28-114-6.ldp.net.id): 1 in the last 3600 secs
show less
Brute-Force
๐บ๐ธ
billaids
2021-06-04 11:15:17
(5 years ago)
103.28.114.6 - - [04/Jun/2021:17:15:09 +0200] "POST /xmlrpc.php HTTP/1.1" 403 417 "-" "Mozilla/5.0 ( ...
show more
103.28.114.6 - - [04/Jun/2021:17:15:09 +0200] "POST /xmlrpc.php HTTP/1.1" 403 417 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36"
show less
Bad Web Bot
Exploited Host
Web App Attack
๐ฌ๐ง
oppidans.net
2021-04-13 09:20:32
(5 years ago)
Apr 13 13:20:28 ns3092206 kernel: [3629172.991623] [IPTABLES REFUSED] IN=eno1 OUT= MAC=a4:bf:01:23:8 ...
show more
Apr 13 13:20:28 ns3092206 kernel: [3629172.991623] [IPTABLES REFUSED] IN=eno1 OUT= MAC=a4:bf:01:23:86:16:40:ce:24:b2:7f:7c:08:00 SRC=103.28.114.6 DST=145.239.253.26 LEN=52 TOS=0x00 PREC=0x00 TTL=110 ID=4885 DF PROTO=TCP SPT=58152 DPT=445 WINDOW=8192 RES=0x00 SYN URGP=0
show less
Port Scan
Hacking