๐ซ๐ท
SpaceHost-Server
2026-06-18 22:32:13
(1 week ago)
Brute-Force
Web App Attack
๐ฉ๐ช
konseptit
2026-06-18 12:22:07
(1 week ago)
(wordpress) Failed wordpress login from 39.48.176.236 (PK/Pakistan/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-18 11:08:46
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 39.48.176.236 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.48.176.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 07:08:41.120383 2026] [security2:error] [pid 14763:tid 14763] [client 39.48.176.236:22930] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.48.176.236 (+1 hits since last alert)|bigholegolf.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bigholegolf.com"] [uri "/xmlrpc.php"] [unique_id "ajPRuQBm50_W1_qPPQQnUQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
pscriptos
2026-06-18 09:48:49
(1 week ago)
{"ClientAddr":"39.48.176.236:60860","ClientHost":"39.48.176.236","ClientPort":"60860","ClientUsernam ...
show more
{"ClientAddr":"39.48.176.236:60860","ClientHost":"39.48.176.236","ClientPort":"60860","ClientUsername":"-","DownstreamContentSize":418,"DownstreamStatus":403,"Duration":168205590,"OriginContentSize":418,"OriginDuration":163887815,"OriginStatus":403,"Overhead":4317775,"RequestAddr":"www.cleveradmin.de","RequestContentSize":705,"RequestCount":557797,"RequestHost":"www.cleveradmin.de","RequestMethod":"POST","RequestPath":"/xmlrpc.php","RequestPort":"-","RequestProtocol":"HTTP/1.1","RequestScheme":"https","RetryAttempts":0,"RouterName":"cleveradmin-www-websecure@file","ServiceAddr":"172.16.80.10:80","ServiceName":"cleveradmin-www@file","ServiceURL":"http://172.16.80.10:80","StartLocal":"2026-06-18T11:48:28.062132034+02:00","StartUTC":"2026-06-18T09:48:28.062132034Z","TLSCipher":"TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256","TLSVersion":"1.2","entryPointName":"websecure","level":"info","msg":"","time":"2026-06-18T11:48:28+02:00"}
{"ClientAddr":"39.48.176.236:60860","ClientHost":"39.48.176.236","C
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 08:38:47
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 39.48.176.236 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.48.176.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 04:38:41.895098 2026] [security2:error] [pid 14374:tid 14374] [client 39.48.176.236:12595] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.48.176.236 (+1 hits since last alert)|talentstar.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "talentstar.com"] [uri "/xmlrpc.php"] [unique_id "ajOukYubt6Obdq9QQQhOvQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 06:16:55
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 39.48.176.236 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.48.176.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 02:16:50.031314 2026] [security2:error] [pid 5810:tid 5810] [client 39.48.176.236:20529] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.48.176.236 (+1 hits since last alert)|answeringilliana.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "answeringilliana.com"] [uri "/xmlrpc.php"] [unique_id "ajONUoYMfhrt-s1jhfxHpwAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 05:15:09
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 39.48.176.236 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.48.176.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 01:15:05.211313 2026] [security2:error] [pid 2110:tid 2110] [client 39.48.176.236:63026] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.48.176.236 (+1 hits since last alert)|schlegelcreative.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "schlegelcreative.com"] [uri "/xmlrpc.php"] [unique_id "ajN-2bC3jPXAGoZXK3yt1AAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-18 05:13:36
(1 week ago)
(wordpress) Failed wordpress login from 39.48.176.236 (PK/Pakistan/-)
Brute-Force