๐ณ๐ฑ
Savvii
2026-06-26 11:15:52
(1 week ago)
10 attempts against mh-misc-ban on chive
Web App Attack
๐ง๐ช
cmbplf
2026-06-23 21:36:50
(1 week ago)
1.000 requests with url.path //xmlrpc.php
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-23 01:52:12
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 212.30.37.32 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 212.30.37.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 21:52:07.170942 2026] [security2:error] [pid 31211:tid 31211] [client 212.30.37.32:56913] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 212.30.37.32 (+1 hits since last alert)|indyham.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "indyham.com"] [uri "/xmlrpc.php"] [unique_id "ajnmx7rdjbP6I2m9J-3YpQAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐ฑ
Dolphi
2026-06-16 17:32:14
(2 weeks ago)
POST //xmlrpc.php
Brute-Force
Web App Attack
๐ซ๐ฎ
YF
2026-06-16 15:00:46
(2 weeks ago)
Attaque distribuรฉe subnet
DDoS Attack
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-16 00:01:42
(2 weeks ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
Anonymous
2026-06-15 21:45:42
(2 weeks ago)
(wordpress) Failed wordpress login from 212.30.37.32 (NL/The Netherlands/South Holland/Rotterdam/-/[ ...
show more
(wordpress) Failed wordpress login from 212.30.37.32 (NL/The Netherlands/South Holland/Rotterdam/-/[redacted])
show less
Brute-Force
Anonymous
2026-06-15 19:56:38
(2 weeks ago)
[da.kdns.gr] httpd-xmlrpc-post: sites=lestel.gr; logs=/var/log/httpd/domains/lestel.gr.log; samples= ...
show more
[da.kdns.gr] httpd-xmlrpc-post: sites=lestel.gr; logs=/var/log/httpd/domains/lestel.gr.log; samples=//xmlrpc.php
show less
Brute-Force
Web App Attack
Anonymous
2026-06-14 03:23:45
(2 weeks ago)
212.30.37.32 - - [14/Jun/2026:05:23:13 +0200] "GET /wp-includes/customize/ HTTP/1.1" 404 475 "-" "Mo ...
show more
212.30.37.32 - - [14/Jun/2026:05:23:13 +0200] "GET /wp-includes/customize/ HTTP/1.1" 404 475 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3"
212.30.37.32 - - [14/Jun/2026:05:23:13 +0200] "GET /wp-includes/css/dist/admin.php HTTP/1.1" 404 475 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3"
212.30.37.32 - - [14/Jun/2026:05:23:14 +0200] "GET /wp-admin/css/colors/ectoplasm/min.php HTTP/1.1" 404 475 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3"
212.30.37.32 - - [14/Jun/2026:05:23:14 +0200] "GET /wolf.php HTTP/1.1" 404 475 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.110 Safari/537.3"
212.30.37.32 - - [14/Jun/2026:05:23:14 +0200] "GET /wp-content/security.php HTTP/1.1" 404 475 "-" "Mozilla/5.0 (Windows NT 10.0; Win64;
...
show less
DDoS Attack
Anonymous
2026-06-11 23:06:06
(3 weeks ago)
Blocked: Reason='Suspicious traffic score=60 (review-based detection)'; Requests=10
Hacking
๐ฉ๐ช
big-cloud.nl
2026-06-11 15:25:49
(3 weeks ago)
Try to access /wp-includes/js/dist/vendor/about.php
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-06-04 22:29:32
(4 weeks ago)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-04 12:45:11
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 212.30.37.32 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 212.30.37.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 08:45:07.764955 2026] [security2:error] [pid 22908:tid 22924] [client 212.30.37.32:25927] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "heatlhydatasystems.com"] [uri "/.git/HEAD"] [unique_id "aiFzUzjGfrMuPIMOZFdVWAAAAMw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-04 09:00:56
(4 weeks ago)
(mod_security) mod_security (id:210492) triggered by 212.30.37.32 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 212.30.37.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 05:00:51.489524 2026] [security2:error] [pid 30247:tid 30247] [client 212.30.37.32:64361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "36quant.com"] [uri "/.git/HEAD"] [unique_id "aiE-w0DCDr2lM0O2fGnelQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
macrob
2026-06-04 08:17:45
(4 weeks ago)
2026/06/04 08:17:43 [error] 944311#944311: *280121685 access forbidden by rule, client: 212.30.37.32 ...
show more
2026/06/04 08:17:43 [error] 944311#944311: *280121685 access forbidden by rule, client: 212.30.37.32, server: binixo.ph, request: "GET /.git-audit-probe-3085b4f6df122aff/HEAD HTTP/1.1", host: "binixo.ph"
2026/06/04 08:17:43 [error] 944311#944311: *280121685 access forbidden by rule, client: 212.30.37.32, server: binixo.ph, request: "GET /.git/HEAD HTTP/1.1", host: "binixo.ph"
2026/06/04 08:17:43 [error] 944311#944311: *280121685 access forbidden by rule, client: 212.30.37.32, server: binixo.ph, request: "GET /.git/config HTTP/1.1", host: "binixo.ph"
...
show less
Web App Attack