Anonymous
2026-07-03 19:15:05
(14 hours ago)
Large-scale coordinated botnet (200+k IPs). Attacker: mikhail-smirnov-79830323 (LinkedIn/profile ID) ...
show more
Large-scale coordinated botnet (200+k IPs). Attacker: mikhail-smirnov-79830323 (LinkedIn/profile ID) employed by Angara Technologies Group (Explicitly identified himself as enemy a week before attack began) | Attack Signature Blocked: /brands/aten/shopby/manufacturer-audiocodes-aten-rcf-lsi-ask_proxima-xclaim-projectiondesign-xyz.html | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.0.0 Safari/537.36 | (Magento Site)
show less
Hacking
Bad Web Bot
๐ณ๐ฑ
Site.eu
2026-07-03 10:41:54
(23 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ณ๐ฑ
wlt-blocker
2026-07-03 10:40:27
(23 hours ago)
Unauthorized access to webpage admin
Web App Attack
๐ซ๐ท
masterguru
2026-07-03 10:13:14
(23 hours ago)
(xmlrpc) Apache: Failed xmlrpc access from 103.178.79.90 (PK/Pakistan/103-178-79-90.lmp.net.pk): 10 ...
show more
(xmlrpc) Apache: Failed xmlrpc access from 103.178.79.90 (PK/Pakistan/103-178-79-90.lmp.net.pk): 10 in the last 3600 secs (0-201)
show less
Hacking
๐ฎ๐น
ciccio diddo
2026-07-02 17:31:11
(1 day ago)
CMS/WP Exploit xmlrpc port:Tcp/80,443
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 17:06:16
(1 day ago)
(mod_security) mod_security (id:225170) triggered by 103.178.79.90 (103-178-79-90.lmp.net.pk): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 103.178.79.90 (103-178-79-90.lmp.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 13:06:10.830697 2026] [security2:error] [pid 13683:tid 13683] [client 103.178.79.90:49506] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||isslv.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "isslv.net"] [uri "/wp-json/wp/v2/users"] [unique_id "akaaghnJ0lhGiwIdsGKeXwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 16:24:42
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 103.178.79.90 (103-178-79-90.lmp.net.pk): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 103.178.79.90 (103-178-79-90.lmp.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 12:24:33.986315 2026] [security2:error] [pid 19352:tid 19352] [client 103.178.79.90:21361] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.178.79.90 (+1 hits since last alert)|shannonraevocalstudio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "shannonraevocalstudio.com"] [uri "/xmlrpc.php"] [unique_id "akU_QbnOEnYlxRVX8bScxQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-01 15:52:03
(2 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ซ๐ท
dynamix
2026-07-01 14:53:16
(2 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-07-01 11:00:31
(2 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 05:59:15
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 103.178.79.90 (103-178-79-90.lmp.net.pk): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 103.178.79.90 (103-178-79-90.lmp.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 01:59:11.310429 2026] [security2:error] [pid 24744:tid 24744] [client 103.178.79.90:61668] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 103.178.79.90 (+1 hits since last alert)|doctoredwinalvarez.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "doctoredwinalvarez.com"] [uri "/xmlrpc.php"] [unique_id "akSsr9U4y0syb2nww_EgTAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-06-30 08:10:37
(4 days ago)
Try to access /xmlrpc.php
Web App Attack
๐บ๐ธ
kosada.com
2026-06-29 13:55:32
(4 days ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-29 11:28:58
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 103.178.79.90 (103-178-79-90.lmp.net.pk): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 103.178.79.90 (103-178-79-90.lmp.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 07:28:52.665013 2026] [security2:error] [pid 31523:tid 31523] [client 103.178.79.90:54012] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||themadwriter.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "themadwriter.us"] [uri "/wp-json/wp/v2/users"] [unique_id "akJW9HnGb3wKV6oT-8T3lQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 05:57:56
(5 days ago)
(mod_security) mod_security (id:225170) triggered by 103.178.79.90 (103-178-79-90.lmp.net.pk): 1 in ...
show more
(mod_security) mod_security (id:225170) triggered by 103.178.79.90 (103-178-79-90.lmp.net.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 01:57:51.883285 2026] [security2:error] [pid 2185:tid 2185] [client 103.178.79.90:43809] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||kritaka.ai|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kritaka.ai"] [uri "/wp-json/wp/v2/users"] [unique_id "akIJX1Xq0saFt15_94qoGAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack