๐ฌ๐ง
noise.agency
2026-06-21 06:49:59
(1 week ago)
(wordpress) Failed wordpress login from 105.163.0.213 (KE/Kenya/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-20 16:44:58
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 105.163.0.213 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 105.163.0.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 12:44:52.305397 2026] [security2:error] [pid 30259:tid 30259] [client 105.163.0.213:3204] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.163.0.213 (+1 hits since last alert)|apuntesdeinversion.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "apuntesdeinversion.com"] [uri "/xmlrpc.php"] [unique_id "ajbDhCDQqvOzfH5c2JmQ2wAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
LTM
2026-06-20 06:20:01
(2 weeks ago)
WebServer - Attempts to exploit
Hacking
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 14:40:05
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 105.163.0.213 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 105.163.0.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 10:39:58.562985 2026] [security2:error] [pid 5617:tid 5617] [client 105.163.0.213:3601] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.163.0.213 (+1 hits since last alert)|camasmarket.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "camasmarket.com"] [uri "/xmlrpc.php"] [unique_id "ajQDPvAYd6UwOX8HPND5HwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 19:46:54
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 105.163.0.213 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 105.163.0.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 15:46:48.735278 2026] [security2:error] [pid 12285:tid 12285] [client 105.163.0.213:3386] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.163.0.213 (+1 hits since last alert)|dragonflytunes.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dragonflytunes.com"] [uri "/xmlrpc.php"] [unique_id "ajL5qA6PMNprAt33JMnIkgAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-17 10:46:26
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 105.163.0.213 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 105.163.0.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 06:46:21.878961 2026] [security2:error] [pid 30049:tid 30049] [client 105.163.0.213:3224] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.163.0.213 (+1 hits since last alert)|lockdownclaim.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lockdownclaim.com"] [uri "/xmlrpc.php"] [unique_id "ajJ6_e8WMDD3LuNJxCgH2AAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Vegascosmetics
2026-06-15 11:58:30
(2 weeks ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security
DDoS Attack
Hacking
Exploited Host
Anonymous
2026-06-11 07:53:04
(3 weeks ago)
BruteForce IMAP/POP3/SMTP
Brute-Force
๐บ๐ธ
quilla
2026-04-03 03:20:35
(3 months ago)
Botnet infected device observed in honeypot (Vector: TCP)
DDoS Attack
๐บ๐ธ
sashan
2026-01-15 12:17:38
(5 months ago)
2026-01-15T15:17:37.336884+03:00 gate kernel: nftables: JAIL-TELNET IN=wan OUT= MAC= SRC=105.163.0.2 ...
show more
2026-01-15T15:17:37.336884+03:00 gate kernel: nftables: JAIL-TELNET IN=wan OUT= MAC= SRC=105.163.0.213 DST=xxx.xxx.xxx.xxx LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=17397 DF PROTO=TCP SPT=7220 DPT=23 WINDOW=65535 RES=0x00 SYN URGP=0
...
show less
Port Scan
Anonymous
2025-11-26 05:20:06
(7 months ago)
scanning http requests from known botnet
Web App Attack
Anonymous
2025-11-22 17:08:13
(7 months ago)
RdpGuard detected brute-force attempt on IMAP
Brute-Force
๐ซ๐ท
bigorre.org
2025-10-16 11:11:56
(8 months ago)
Unidentified crawling: not a self-announced bot in user-agent
Bad Web Bot
๐ฉ๐ช
Hessfr
2024-05-18 13:48:03
(2 years ago)
2024-05-18T15:44:26.450217+02:00 de kernel: [1138002.238825] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b ...
show more
2024-05-18T15:44:26.450217+02:00 de kernel: [1138002.238825] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:e1:82:93:84:c1:c1:78:9a:ea:08:00 SRC=105.163.0.213 DST=94.130.206.219 LEN=132 TOS=0x00 PREC=0x00 TTL=115 ID=44994 PROTO=UDP SPT=7886 DPT=42924 LEN=112
2024-05-18T15:44:26.556215+02:00 de kernel: [1138002.344740] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:e1:82:93:84:c1:c1:78:9a:ea:08:00 SRC=105.163.0.213 DST=94.130.206.219 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=44995 DF PROTO=TCP SPT=7930 DPT=42924 WINDOW=64240 RES=0x00 SYN URGP=0
2024-05-18T15:44:27.556220+02:00 de kernel: [1138003.344997] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:e1:82:93:84:c1:c1:78:9a:ea:08:00 SRC=105.163.0.213 DST=94.130.206.219 LEN=52 TOS=0x00 PREC=0x00 TTL=115 ID=44996 DF PROTO=TCP SPT=7930 DPT=42924 WINDOW=64240 RES=0x00 SYN URGP=0
2024-05-18T15:44:41.589033+02:00 de kernel: [1138017.378066] [UFW BLOCK] IN=enp0s31f6 OUT= MAC=90:1b:0e:e1:82:93:84:c1:c1:78:9a:ea:08:00 SRC=105.163.0.213 DST=94.130.206.219 LEN=
...
show less
Port Scan
๐ฉ๐ช
Fusl
2023-09-25 14:59:46
(2 years ago)
received unsolicited smtp data stream:
Message-ID: <45212DD4DA49D823474BB2BC2FBE4521@AQR5IWAJ>
From: ...
show more
received unsolicited smtp data stream:
Message-ID: <45212DD4DA49D823474BB2BC2FBE4521@AQR5IWAJ>
From: <[email protected] >
To: <[email protected] >
Subject: Pago asociado a su cuenta.
Date: 25 Sep 2023 19:18:37 +0200
MIME-Version: 1.0
Content-Type: multipart/alternative;
boundary="----=_NextPart_000_0021_01D9EFD8.02F7A7F8"
X-Priority: 3
X-MSMail-Priority: Normal
X-Mailer: Microsoft Outlook Express 6.00.2900.5931
X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.5994
This is a multi-part message in MIME format.
------=_NextPart_000_0021_01D9EFD8.02F7A7F8
Content-Type: text/plain;
charset="cp-850"
Content-Transfer-Encoding: quoted-printable
¡Hola!Desgraciadamente, tengo que empezar nuestra conversación =
con malas noticias para usted.Hace unos meses conseguí obtener =
acceso completo a todos los dispositivos que utiliza a diario para =
navegar por Internet.Desde ese momento, empecé a controlar y hacer =
un seguimiento de todas sus actividades en la web.Deje que le cuente =
exactamente có
show less
Email Spam