๐ฒ๐พ
Rizzy
2026-07-08 08:58:38
(8 hours ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-07-08 07:25:52
(10 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
kosada.com
2026-06-29 10:54:21
(1 week ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
Anonymous
2026-06-16 11:16:35
(3 weeks ago)
WEB attack
Brute-Force
๐บ๐ธ
nodepile
2026-05-30 15:46:46
(1 month ago)
Requests denied due to active blacklist hits (tenant=82 method=GET path=/static/version1775170088/fr ...
show more
Requests denied due to active blacklist hits (tenant=82 method=GET path=/static/version1775170088/frontend/Smartwave/porto/en_US/Astound_Affirm/affirm-promo.css ua='Mozilla/5.0 (Linux; Android 8.0; Pixel 2 Build/OPD3.170816.012) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.7585.1989 Mobile Safari/537.36')
show less
Web App Attack
Exploited Host
๐บ๐ธ
TPI-Abuse
2026-05-25 11:21:16
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 212.200.65.80 (212-200-65-80.3gnet.mts.telekom. ...
show more
(mod_security) mod_security (id:240335) triggered by 212.200.65.80 (212-200-65-80.3gnet.mts.telekom.rs): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 07:21:11.056226 2026] [security2:error] [pid 18975:tid 18975] [client 212.200.65.80:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 212.200.65.80 (+1 hits since last alert)|avaliantlife.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avaliantlife.com"] [uri "/xmlrpc.php"] [unique_id "ahQwp9zZmu4n5yeBzbVIFAAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
inlink.ltd
2026-05-25 10:11:11
(1 month ago)
Known malicious PHP file or CMS probe
Web App Attack
Anonymous
2026-05-25 09:52:19
(1 month ago)
Attac
Brute-Force
๐ซ๐ท
francoisunix
2026-05-25 07:58:12
(1 month ago)
212.200.65.80 - - [25/May/2026:07:57:29 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "WordPress.co ...
show more
212.200.65.80 - - [25/May/2026:07:57:29 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "WordPress.com; https://wordpress.com"
212.200.65.80 - - [25/May/2026:07:57:39 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)"
212.200.65.80 - - [25/May/2026:07:57:49 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack by WordPress.com"
212.200.65.80 - - [25/May/2026:07:57:59 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "WordPress.com; https://wordpress.com"
212.200.65.80 - - [25/May/2026:07:58:10 +0000] "POST /xmlrpc.php HTTP/1.0" 401 415 "-" "Jetpack by WordPress.com"
...
show less
Web App Attack
๐ฌ๐ง
PeravixGroup
2026-05-09 22:41:58
(1 month ago)
Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: ME ...
show more
Honeypot detection: Telnet / IoT device brute-force or exploitation attempt on port 23. Severity: MEDIUM. Aaran.cloud
show less
IoT Targeted
Brute-Force
๐ณ๐ฑ
debestelapp
2026-05-04 11:30:04
(2 months ago)
Web App Attack
๐ฉ๐ช
abdubhai
2026-05-04 06:37:53
(2 months ago)
212.200.65.80 - - [04/May/2026:1
...
Brute-Force
๐บ๐ธ
NicoID
2026-04-12 00:13:28
(2 months ago)
212.200.65.80 - - [11/Apr/2026:11:02:11 -0600] "POST /xmlrpc.php HTTP/1.1" 200 3234 "-" "WordPress.c ...
show more
212.200.65.80 - - [11/Apr/2026:11:02:11 -0600] "POST /xmlrpc.php HTTP/1.1" 200 3234 "-" "WordPress.com; https://wordpress.com"
...
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-04-11 17:30:35
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 212.200.65.80 (212-200-65-80.3gnet.mts.telekom. ...
show more
(mod_security) mod_security (id:225170) triggered by 212.200.65.80 (212-200-65-80.3gnet.mts.telekom.rs): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 11 13:30:31.117092 2026] [security2:error] [pid 3269874:tid 3269874] [client 212.200.65.80:3214] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||transcapitalsolutions.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "transcapitalsolutions.com"] [uri "/wp-json/wp/v2/users"] [unique_id "adqFN-AlbTE9Vlm_eFVXwQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
myagent.site
2026-04-11 16:52:09
(2 months ago)
Blocking for trying to access an exploit file: /xmlrpc.php
Hacking