๐บ๐ธ
TPI-Abuse
2026-07-17 14:40:52
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 211.224.82.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 211.224.82.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 10:40:48.948702 2026] [security2:error] [pid 26071:tid 26134] [client 211.224.82.142:63509] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 211.224.82.142 (+1 hits since last alert)|kettlehill.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kettlehill.com"] [uri "/xmlrpc.php"] [unique_id "alo-8J8WBc1gswy5tX-zqAAAAcU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Dave Hansen
2026-07-17 14:38:27
(1 day ago)
(wordpress) Failed wordpress login from 211.224.82.142 (KR/South Korea/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-17 13:07:15
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 211.224.82.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 211.224.82.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 09:07:07.365112 2026] [security2:error] [pid 424384:tid 424384] [client 211.224.82.142:65432] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 211.224.82.142 (+1 hits since last alert)|helloauto.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "helloauto.net"] [uri "/xmlrpc.php"] [unique_id "aloo-17X_xmCiCvKJHrYCQAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-16 22:29:02
(2 days ago)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 16:44:10
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 211.224.82.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 211.224.82.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:44:04.316142 2026] [security2:error] [pid 30707:tid 30707] [client 211.224.82.142:53478] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 211.224.82.142 (+1 hits since last alert)|konahawaiirealty.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "konahawaiirealty.com"] [uri "/xmlrpc.php"] [unique_id "alkKVCbN-k_LJVPj15fEKAAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 16:19:11
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 211.224.82.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 211.224.82.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 12:19:05.786654 2026] [security2:error] [pid 1899:tid 1899] [client 211.224.82.142:53830] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 211.224.82.142 (+1 hits since last alert)|pakistanvision.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pakistanvision.com"] [uri "/xmlrpc.php"] [unique_id "alkEeT3-sT_YI-nuSMwkyAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 13:10:01
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 211.224.82.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 211.224.82.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 09:09:56.628274 2026] [security2:error] [pid 7937:tid 7937] [client 211.224.82.142:51336] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 211.224.82.142 (+1 hits since last alert)|proyectomanhattan.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "proyectomanhattan.info"] [uri "/xmlrpc.php"] [unique_id "aljYJHsyJ8D5_ErnmF0HTwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-15 22:27:50
(3 days ago)
Brute-Force
Web App Attack
๐ฎ๐น
Progetto1
2026-07-14 17:50:02
(4 days ago)
Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐ฎ๐น
CoreTech srl
2026-07-14 17:18:56
(4 days ago)
cloudlinux2 fail2ban: 2026-07-14 19:13:58,399 fail2ban.filter [1878]: INFO [plesk-modsecu ...
show more
cloudlinux2 fail2ban: 2026-07-14 19:13:58,399 fail2ban.filter [1878]: INFO [plesk-modsecurity] Found 157.122.168.244 - 2026-07-14 19:13:57cloudlinux2 fail2ban: 2026-07-14 19:14:36,369 fail2ban.filter [1878]: INFO [plesk-modsecurity] Found 92.118.170.31 - 2026-07-14 19:14:36cloudlinux2 fail2ban: 2026-07-14 19:15:15,046 fail2ban.filter [1878]: INFO [plesk-wordpress] Found 51.91.9.146 - 2026-07-14 19:15:14cloudlinux2 fail2ban: 2026-07-14 19:15:40,489 fail2ban.actions [1878]: NOTICE [plesk-modsecurity] Ban 92.118.170.31cloudlinux2 fail2ban: 2026-07-14 19:15:40,321 fail2ban.filter [1878]: INFO [plesk-modsecurity] Found 92.118.170.31 - 2026-07-14 19:15:40cloudlinux2 fail2ban: 2026-07-14 19:15:40,497 fail2ban.filter [1878]: INFO [recidive] Found 92.118.170.31 - 2026-07-14 19:15:40cloudlinux2 fail2ban: 2026-07-14 19:16:30,064 fail2ban.filter [1878]: INFO [plesk-modsecurity] Found 211.224.82.142 - 2026-07-14 19:16:30cloudlinux2 fail2ban: 2026-07
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 16:44:12
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 211.224.82.142 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 211.224.82.142 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 12:44:08.108915 2026] [security2:error] [pid 28333:tid 28333] [client 211.224.82.142:58803] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 211.224.82.142 (+1 hits since last alert)|lukeschicago.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lukeschicago.com"] [uri "/xmlrpc.php"] [unique_id "alZnWBrOaekWG2-O4bJmbQAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack