Anonymous
2026-07-06 05:53:10
(1 day ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-06 05:23:53
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 163.61.128.140 (dyn-163-61-128-140.swis.com.pk) ...
show more
(mod_security) mod_security (id:240335) triggered by 163.61.128.140 (dyn-163-61-128-140.swis.com.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 01:23:48.310925 2026] [security2:error] [pid 11957:tid 11957] [client 163.61.128.140:19679] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 163.61.128.140 (+1 hits since last alert)|mfleetservice.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mfleetservice.com"] [uri "/xmlrpc.php"] [unique_id "aks75OWSdQjmYqEgts4-dQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 04:49:25
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 163.61.128.140 (dyn-163-61-128-140.swis.com.pk) ...
show more
(mod_security) mod_security (id:240335) triggered by 163.61.128.140 (dyn-163-61-128-140.swis.com.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 00:49:19.864919 2026] [security2:error] [pid 15073:tid 15073] [client 163.61.128.140:49640] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 163.61.128.140 (+1 hits since last alert)|christaylorjazzpianist.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "christaylorjazzpianist.com"] [uri "/xmlrpc.php"] [unique_id "akniT6lWTtDsEwqyzBuecAAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 04:45:40
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 163.61.128.140 (dyn-163-61-128-140.swis.com.pk) ...
show more
(mod_security) mod_security (id:240335) triggered by 163.61.128.140 (dyn-163-61-128-140.swis.com.pk): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 00:45:35.419095 2026] [security2:error] [pid 8129:tid 8129] [client 163.61.128.140:63813] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 163.61.128.140 (+1 hits since last alert)|nomorenicenice.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nomorenicenice.net"] [uri "/xmlrpc.php"] [unique_id "akc-b_zc1l9FLEnDV6rM4gAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-06-29 07:28:14
(1 week ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐ฉ๐ช
Vegascosmetics
2026-06-26 19:28:04
(1 week ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security
DDoS Attack
Hacking
Exploited Host
๐บ๐ธ
TPI-Abuse
2026-04-05 15:19:44
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 163.61.128.140 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 163.61.128.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 11:19:38.563715 2026] [security2:error] [pid 16565:tid 16565] [client 163.61.128.140:63746] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||artevoix.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "artevoix.com"] [uri "/wp-json/wp/v2/users"] [unique_id "adJ9inZFJ8aOjJ7VnH_kUAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-05 13:43:25
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 163.61.128.140 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 163.61.128.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 09:43:21.134002 2026] [security2:error] [pid 10037:tid 10037] [client 163.61.128.140:50668] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||arriagarealestate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "arriagarealestate.com"] [uri "/wp-json/wp/v2/users"] [unique_id "adJm-RifBDvjnWmWmrrbdwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
polido
2026-04-05 12:49:37
(3 months ago)
Unauthorized connection attempt to port 443 from 163.61.128.140
Port Scan
๐ต๐ฑ
IROK
2026-04-05 00:16:58
(3 months ago)
Malware/WebShell Scan blocked by ModSecurity
...
Hacking
Anonymous
2026-04-03 08:33:40
(3 months ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
๐ฉ๐ช
EGP Abuse Dept
2026-03-27 05:29:38
(3 months ago)
Scraping webshop URLs (www.badgehouder.nl), likely botnet drone
Bad Web Bot
Exploited Host
๐ฉ๐ช
big-cloud.nl
2026-03-22 14:48:20
(3 months ago)
Try to access /xmlrpc.php
Web App Attack
๐จ๐ญ
backslash
2026-03-21 02:21:03
(3 months ago)
block ruleset DA4A07AEE48B136A3922182BE8AA8BFBC1840803
Bad Web Bot