๐บ๐ธ
TPI-Abuse
2026-06-23 10:18:37
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 06:18:32.096274 2026] [security2:error] [pid 17153:tid 17214] [client 45.239.238.96:30917] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.239.238.96 (+1 hits since last alert)|seriousgames-system.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "seriousgames-system.info"] [uri "/xmlrpc.php"] [unique_id "ajpdeLibdoOXe3uqjkKK8wAAAQc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 05:11:50
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 01:11:46.490283 2026] [security2:error] [pid 8319:tid 8319] [client 45.239.238.96:30570] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.239.238.96 (+1 hits since last alert)|thinkingepic.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thinkingepic.com"] [uri "/xmlrpc.php"] [unique_id "ajoVktVRrAKSrGst9ccYrwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-23 02:58:35
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 22:58:29.254417 2026] [security2:error] [pid 29960:tid 29960] [client 45.239.238.96:30020] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.239.238.96 (+1 hits since last alert)|vintageamptubes.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "vintageamptubes.com"] [uri "/xmlrpc.php"] [unique_id "ajn2VUv8vdT5qRRiql5YwwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-06-22 22:50:35
(6 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
BR/Brazil/-
Web App Attack
๐ง๐ช
cmbplf
2026-06-22 22:30:47
(6 days ago)
2.761 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-22 22:20:55
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 18:20:48.428315 2026] [security2:error] [pid 26340:tid 26340] [client 45.239.238.96:29977] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.239.238.96 (+1 hits since last alert)|yanlidesign.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "yanlidesign.com"] [uri "/xmlrpc.php"] [unique_id "ajm1QLbMAh3Rnq224qSjjgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-22 21:49:29
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.239.238.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 17:49:20.586604 2026] [security2:error] [pid 22235:tid 22235] [client 45.239.238.96:29549] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.239.238.96 (+1 hits since last alert)|vzan.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "vzan.org"] [uri "/xmlrpc.php"] [unique_id "ajmt4HvapjFDitTMw5ik6wAAAFI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
bigorre.org
2025-11-11 01:02:58
(7 months ago)
Unidentified crawling: not a self-announced bot in user-agent
Bad Web Bot
๐ณ๐ฑ
exxos
2025-09-14 03:03:01
(9 months ago)
Attacks with Bad user agents
Hacking