π«π·
SpaceHost-Server
2026-07-04 22:25:22
(5 days ago)
Brute-Force
Web App Attack
π«π·
SpaceHost-Server
2026-07-03 22:25:18
(6 days ago)
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 12:40:28
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 103.178.79.64 (103-178-79-64.lmp.net.pk): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 103.178.79.64 (103-178-79-64.lmp.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 08:40:23.745166 2026] [security2:error] [pid 6792:tid 6792] [client 103.178.79.64:62464] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.178.79.64 (+1 hits since last alert)|futuresgrowhere.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "futuresgrowhere.com"] [uri "/xmlrpc.php"] [unique_id "akett8UxReTZryF9VYxdFQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
bazter.pro
2026-07-03 09:38:10
(6 days ago)
Fail2Ban: plesk-bot-aggressive - 15 failures
Port Scan
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 06:22:42
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 103.178.79.64 (103-178-79-64.lmp.net.pk): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 103.178.79.64 (103-178-79-64.lmp.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 02:22:34.838175 2026] [security2:error] [pid 5120:tid 5120] [client 103.178.79.64:63548] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||meganmurph.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "meganmurph.com"] [uri "/wp-json/wp/v2/users"] [unique_id "akdVKr4fYfBTNpjaZWlnIAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
Marc
2026-07-02 16:38:05
(1 week ago)
103.178.79.64 - - [02/Jul/2026:18:37:43 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3719 "-" "Jetpack/13. ...
show more
103.178.79.64 - - [02/Jul/2026:18:37:43 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3719 "-" "Jetpack/13.0; WordPress/6.4; http://site91999195.com" 103.178.79.64 - - [02/Jul/2026:18:37:53 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3718 "-" "Jetpack/12.0; WordPress/6.2; http://site39613948.com" 103.178.79.64 - - [02/Jul/2026:18:38:04 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3718 "-" "WordPress.com; https://wordpress.com"
show less
Brute-Force
Web App Attack
πͺπΈ
alferez
2026-07-02 15:01:21
(1 week ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 13:36:33
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 103.178.79.64 (103-178-79-64.lmp.net.pk): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 103.178.79.64 (103-178-79-64.lmp.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 09:36:29.260398 2026] [security2:error] [pid 24716:tid 24716] [client 103.178.79.64:33482] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.178.79.64 (+1 hits since last alert)|jennyfiore.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jennyfiore.com"] [uri "/xmlrpc.php"] [unique_id "akZpXWZPFfb3e-NVEjJWDgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
ConsulHosting
2026-07-02 10:47:40
(1 week ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
π«π·
masterguru
2026-07-02 08:29:31
(1 week ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
Anonymous
2026-07-02 06:28:10
(1 week ago)
Attac
Brute-Force
πΊπΈ
kosada.com
2026-06-29 12:12:02
(1 week ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
π³π±
EGP Abuse Dept
2026-06-18 09:32:07
(3 weeks ago)
Scanning for port/service exploits on tpc-027.mach3builders.nl
Port Scan
Hacking
π¬π§
PeravixGroup
2026-06-05 06:52:56
(1 month ago)
Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aar ...
show more
Honeypot detection: SMB / Windows file sharing exploitation attempt on port 445. Severity: HIGH. Aaran.cloud
show less
Hacking
Exploited Host
πΊπΈ
TPI-Abuse
2026-05-26 22:50:33
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 103.178.79.64 (103-178-79-64.lmp.net.pk): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 103.178.79.64 (103-178-79-64.lmp.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 18:50:25.884863 2026] [security2:error] [pid 16736:tid 16736] [client 103.178.79.64:37725] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.178.79.64 (+1 hits since last alert)|jaragoodrich.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jaragoodrich.com"] [uri "/xmlrpc.php"] [unique_id "ahYjscVUmjsgVmI25q0KhQAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack