๐ฉ๐ช
4server
2026-06-19 07:29:33
(1 week ago)
[FriJun1909:29:21.3140382026][security2:error][pid1950807:tid1950930][client118.179.70.189:0]ModSecu ...
show more
[FriJun1909:29:21.3140382026][security2:error][pid1950807:tid1950930][client118.179.70.189:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"parrocchiaditesserete.ch\"][uri\"/xmlrpc.php\"][unique_id\"ajTv0W0H6h5nONlpTnPqCwAAAMw\"]
show less
Port Scan
Brute-Force
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-06-18 18:59:17
(1 week ago)
Unauthorized access to webpage admin
Web App Attack
๐ฉ๐ช
LRob.fr
2026-06-13 10:30:05
(2 weeks ago)
Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail
Bad Web Bot
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-06-13 01:02:13
(2 weeks ago)
Unauthorized access to webpage admin
Web App Attack
Anonymous
2026-06-12 17:45:04
(2 weeks ago)
118.179.70.189 - - [13/Jun/2026:01:45:04 +0800] "POST /xmlrpc.php HTTP/1.1" 404 297632 "-" "Mozilla/ ...
show more
118.179.70.189 - - [13/Jun/2026:01:45:04 +0800] "POST /xmlrpc.php HTTP/1.1" 404 297632 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x64) AppleWebKit/537.36 (KHTML, like Gecko) Safari/12.0.0.0 Safari/537.36"
...
show less
Bad Web Bot
Web App Attack
๐ท๐บ
Mga Admin
2026-06-10 17:28:48
(3 weeks ago)
118.179.70.189 - - [11/Jun/2026:00:28:47 +0700] "POST /xmlrpc.php HTTP/1.1" 404 69 "-" "Mozilla/5.0 ...
show more
118.179.70.189 - - [11/Jun/2026:00:28:47 +0700] "POST /xmlrpc.php HTTP/1.1" 404 69 "-" "Mozilla/5.0 (Windows NT 10.0; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/100.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐ซ๐ท
Sklurk
2026-05-15 03:54:33
(1 month ago)
Web App Attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-30 01:43:38
(2 months ago)
(mod_security) mod_security (id:217210) triggered by 118.179.70.189 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:217210) triggered by 118.179.70.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 21:43:28.389812 2026] [security2:error] [pid 5801:tid 5801] [client 118.179.70.189:58748] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./]*(?::\\\\d+)?)?/[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?|options \\\\*)\\\\s+[\\\\w\\\\./]+|get /[^?#]*(?:\\\\?[^#\\\\s]*)?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line||brazilianioysysty.shop|F|4"] [data "GET http://brazilianioysysty.shop HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "brazilianioysysty.shop"] [uri "/"] [unique_id "afKzwCNi6xYnhE9ut3ETKAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-26 04:51:43
(2 months ago)
(mod_security) mod_security (id:210730) triggered by 118.179.70.189 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 118.179.70.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 00:51:33.664911 2026] [security2:error] [pid 26237:tid 26237] [client 118.179.70.189:47536] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||vitalitywebb.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Martinsdale 3080/Thumbs.db"] [unique_id "ae2Z1T8_uYyFrOQpxVn-RQAAAAU"], referer: https://vitalitywebb.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-04-05 07:36:24
(2 months ago)
Web bot: DDoS
DDoS Attack
Bad Web Bot
Anonymous
2026-01-02 07:08:33
(5 months ago)
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ...
show more
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in thread-skip.asp
show less
Bad Web Bot
Exploited Host
๐ณ๐ฑ
exxos
2025-07-29 02:35:39
(11 months ago)
HTTP1.x attacks
DDoS Attack
๐ช๐ธ
Global Cyber Police
2025-07-27 18:02:00
(11 months ago)
Malicious bot activity detected: Hitting honeypot page (200 OK with 258/259 bytes sent).
Port Scan
Brute-Force
Web App Attack
๐ณ๐ฑ
exxos
2025-07-24 17:26:10
(11 months ago)
HTTP1.x attacks
DDoS Attack