๐ฒ๐พ
Rizzy
2026-07-13 11:03:48
(52 minutes ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 10:34:14
(1 hour ago)
(mod_security) mod_security (id:240335) triggered by 113.199.241.174 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 113.199.241.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 06:34:06.761909 2026] [security2:error] [pid 10550:tid 10550] [client 113.199.241.174:53854] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 113.199.241.174 (+1 hits since last alert)|paleopathologist.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "paleopathologist.com"] [uri "/xmlrpc.php"] [unique_id "alS_HuebqFi-pE7Qx_Y8PgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 08:52:31
(3 hours ago)
(mod_security) mod_security (id:240335) triggered by 113.199.241.174 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 113.199.241.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 04:52:27.879087 2026] [security2:error] [pid 29786:tid 29786] [client 113.199.241.174:55020] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 113.199.241.174 (+1 hits since last alert)|dynamic-therapy-mn.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dynamic-therapy-mn.com"] [uri "/xmlrpc.php"] [unique_id "alSnS8gqtD6_EIkdOElw9AAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 07:52:54
(4 hours ago)
(mod_security) mod_security (id:240335) triggered by 113.199.241.174 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 113.199.241.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 03:52:49.761230 2026] [security2:error] [pid 15334:tid 15334] [client 113.199.241.174:51759] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 113.199.241.174 (+1 hits since last alert)|seskalee.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "seskalee.com"] [uri "/xmlrpc.php"] [unique_id "alSZUZk1IKAKGagZFWkuewAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 06:13:25
(5 hours ago)
(mod_security) mod_security (id:240335) triggered by 113.199.241.174 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 113.199.241.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 02:13:21.391500 2026] [security2:error] [pid 3158:tid 3158] [client 113.199.241.174:56419] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 113.199.241.174 (+1 hits since last alert)|modalguitarist.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "modalguitarist.com"] [uri "/xmlrpc.php"] [unique_id "alSCATFbVx7wS70e7ZrYLgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TAY
2026-07-13 06:10:35
(5 hours ago)
113.199.241.174 - - [13/Jul/2026:14:10:12 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5935 "-" "WordPress ...
show more
113.199.241.174 - - [13/Jul/2026:14:10:12 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5935 "-" "WordPress.com; https://wordpress.com"
113.199.241.174 - - [13/Jul/2026:14:10:22 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5935 "-" "Jetpack by WordPress.com"
113.199.241.174 - - [13/Jul/2026:14:10:33 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5935 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.2)"
...
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-05-18 13:03:07
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 113.199.241.174 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 113.199.241.174 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 09:02:59.162377 2026] [security2:error] [pid 16020:tid 16020] [client 113.199.241.174:53362] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 113.199.241.174 (+1 hits since last alert)|schlegelcreative.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "schlegelcreative.com"] [uri "/xmlrpc.php"] [unique_id "agsOA3Pp1pcCHE3ZK2sojAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-05-18 10:32:59
(1 month ago)
Bad Web Bot
Web App Attack
Anonymous
2025-11-19 13:37:36
(7 months ago)
scanning http requests from known botnet
Web App Attack