๐บ๐ธ
TPI-Abuse
2026-06-29 23:33:08
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 19:33:00.047706 2026] [security2:error] [pid 7924:tid 7924] [client 5.192.34.35:49303] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.192.34.35 (+1 hits since last alert)|ramseycountycorruption.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ramseycountycorruption.com"] [uri "/xmlrpc.php"] [unique_id "akMArG_melCZKvJSoTLCwgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ConsulHosting
2026-06-29 13:26:48
(2 days ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
๐ซ๐ฎ
YF
2026-06-29 05:00:42
(2 days ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-29 03:39:02
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 23:38:54.586444 2026] [security2:error] [pid 5781:tid 5781] [client 5.192.34.35:50388] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.192.34.35 (+1 hits since last alert)|kotelbarmitzvah.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kotelbarmitzvah.com"] [uri "/xmlrpc.php"] [unique_id "akHozsLGp1WdiZeQWIydcwAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 03:07:58
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 23:07:54.514975 2026] [security2:error] [pid 14485:tid 14485] [client 5.192.34.35:61861] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.192.34.35 (+1 hits since last alert)|edgecomix.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "edgecomix.com"] [uri "/xmlrpc.php"] [unique_id "akHhih3Vmvnwjcqe1K5J3QAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Kenshin869
2026-06-29 03:04:30
(2 days ago)
Wordpress unauthorized access attempt
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-29 02:09:12
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 22:09:06.097659 2026] [security2:error] [pid 5303:tid 5303] [client 5.192.34.35:58506] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.192.34.35 (+1 hits since last alert)|localpetsitters.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "localpetsitters.com"] [uri "/xmlrpc.php"] [unique_id "akHTwtiHlsWaxuI-zkaS9QAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 11:50:57
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 07:50:51.887401 2026] [security2:error] [pid 13547:tid 13547] [client 5.192.34.35:54334] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.192.34.35 (+1 hits since last alert)|campnecon.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "campnecon.com"] [uri "/xmlrpc.php"] [unique_id "akEKm9yhugJAIo3ngSi3SAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 11:16:37
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 07:16:31.957272 2026] [security2:error] [pid 32086:tid 32086] [client 5.192.34.35:58039] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.192.34.35 (+1 hits since last alert)|kerrywood.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kerrywood.com"] [uri "/xmlrpc.php"] [unique_id "akECj_vTPBSZQeox35XhZAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 10:45:31
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 06:45:28.487537 2026] [security2:error] [pid 19463:tid 19463] [client 5.192.34.35:61248] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.192.34.35 (+1 hits since last alert)|doublenaughtspycar.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "doublenaughtspycar.com"] [uri "/xmlrpc.php"] [unique_id "akD7SFu1ahHTEKGZptzP7gAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 09:47:05
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 05:47:01.850562 2026] [security2:error] [pid 10244:tid 10244] [client 5.192.34.35:54067] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.192.34.35 (+1 hits since last alert)|astglobaltech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "astglobaltech.com"] [uri "/xmlrpc.php"] [unique_id "akDtlRfYu2x94RtkfMAYcAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 03:55:21
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 23:55:15.432232 2026] [security2:error] [pid 32512:tid 32512] [client 5.192.34.35:60749] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.192.34.35 (+1 hits since last alert)|studioyau.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "studioyau.com"] [uri "/xmlrpc.php"] [unique_id "akCbI2GD3gdm7DaJnxhMiwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-06-28 03:00:37
(3 days ago)
5.103 post requests in 1 hour (1w1d10h)
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-28 02:04:54
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 22:04:47.114012 2026] [security2:error] [pid 2812:tid 2832] [client 5.192.34.35:61389] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.192.34.35 (+1 hits since last alert)|whatismetamodern.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "whatismetamodern.com"] [uri "/xmlrpc.php"] [unique_id "akCBPxwZ2pfTm2_6bwRI0AAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 15:40:42
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 5.192.34.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 11:40:34.994605 2026] [security2:error] [pid 24124:tid 24124] [client 5.192.34.35:50079] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.192.34.35 (+1 hits since last alert)|36sovereignchambers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "36sovereignchambers.com"] [uri "/xmlrpc.php"] [unique_id "aj_u8q61B2jIh9yRykZU_AAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack