๐บ๐ธ
cwytech
2026-06-29 17:08:30
(1 day ago)
Fleet-wide ban from the Ghostfleet ๐ป. Triggered by scenario: cwy/wp-us-login-only-high.
Bad Web Bot
Web App Attack
๐บ๐ธ
kosada.com
2026-06-29 16:29:31
(1 day ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
Anonymous
2026-06-29 11:00:21
(1 day ago)
IP banned by Fail2Ban in jail nginx-abusive-ips
Web App Attack
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-29 10:48:03
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 197.188.132.222 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 197.188.132.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 06:47:55.928713 2026] [security2:error] [pid 27386:tid 27621] [client 197.188.132.222:16835] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.188.132.222 (+1 hits since last alert)|seriousgames-system.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "seriousgames-system.info"] [uri "/xmlrpc.php"] [unique_id "akJNW9mmd_QTv8mrU368WQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Vegascosmetics
2026-06-29 06:21:21
(1 day ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security
DDoS Attack
Hacking
Exploited Host
๐ซ๐ท
YF
2026-06-27 05:30:37
(3 days ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-27 03:20:34
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 197.188.132.222 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 197.188.132.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 23:20:30.661430 2026] [security2:error] [pid 23890:tid 23890] [client 197.188.132.222:22233] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.188.132.222 (+1 hits since last alert)|eileensharaga.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eileensharaga.com"] [uri "/xmlrpc.php"] [unique_id "aj9BfkxarbH_I08zrmfBBgAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 02:20:02
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 197.188.132.222 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 197.188.132.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 22:19:53.122873 2026] [security2:error] [pid 27944:tid 27944] [client 197.188.132.222:26356] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.188.132.222 (+1 hits since last alert)|tarekshohaieb.online|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tarekshohaieb.online"] [uri "/xmlrpc.php"] [unique_id "aj8zSWNN4FNmYpO-e4cV6QAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
debestelapp
2026-06-27 00:30:05
(4 days ago)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 18:41:21
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 197.188.132.222 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 197.188.132.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 14:41:15.685718 2026] [security2:error] [pid 10010:tid 10010] [client 197.188.132.222:20303] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.188.132.222 (+1 hits since last alert)|hsoftwaresystems.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hsoftwaresystems.net"] [uri "/xmlrpc.php"] [unique_id "aj7HyzYf4M--YN5IDyUkzQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
Apache
2026-06-26 18:38:31
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 197.188.132.222 (NA/Namibia/-): 5 in the last 3 ...
show more
(mod_security) mod_security (id:240335) triggered by 197.188.132.222 (NA/Namibia/-): 5 in the last 300 secs
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 15:01:27
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 197.188.132.222 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 197.188.132.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 11:01:23.770157 2026] [security2:error] [pid 13927:tid 13927] [client 197.188.132.222:21806] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.188.132.222 (+1 hits since last alert)|deborahbein.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "deborahbein.com"] [uri "/xmlrpc.php"] [unique_id "aj6UQ4EBLAJCo1HXDiKiEwAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 14:03:32
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 197.188.132.222 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 197.188.132.222 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 10:03:26.562554 2026] [security2:error] [pid 24706:tid 24706] [client 197.188.132.222:3123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.188.132.222 (+1 hits since last alert)|schlegelcreative.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "schlegelcreative.com"] [uri "/xmlrpc.php"] [unique_id "aj6GrpoA0paJALtatLDS6QAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-25 21:41:47
(5 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-06-24 15:38:10
(6 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack