π©πͺ
dbmwebdesign
2026-07-08 11:55:22
(4 hours ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-08 09:50:27
(6 hours ago)
(mod_security) mod_security (id:240335) triggered by 37.61.121.111 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 37.61.121.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 05:50:21.467629 2026] [security2:error] [pid 26686:tid 26731] [client 37.61.121.111:4203] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 37.61.121.111 (+1 hits since last alert)|planmytrust.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "planmytrust.com"] [uri "/xmlrpc.php"] [unique_id "ak4dXVtw3epGTySCpTDV2wAAAIE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
dynamix
2026-07-08 09:31:36
(7 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
πΊπΈ
integrantservices.com
2026-07-08 08:53:58
(7 hours ago)
(wordpress) Failed wordpress login from 37.61.121.111 (AZ/Azerbaijan/-)
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-08 08:49:00
(7 hours ago)
(mod_security) mod_security (id:240335) triggered by 37.61.121.111 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 37.61.121.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 04:48:57.010634 2026] [security2:error] [pid 24566:tid 24566] [client 37.61.121.111:9619] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 37.61.121.111 (+1 hits since last alert)|ralphharris.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ralphharris.org"] [uri "/xmlrpc.php"] [unique_id "ak4O-ZFIFO7fEFitRfX6yAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-08 07:46:09
(8 hours ago)
(mod_security) mod_security (id:240335) triggered by 37.61.121.111 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 37.61.121.111 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 03:46:06.245767 2026] [security2:error] [pid 21522:tid 21522] [client 37.61.121.111:11822] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 37.61.121.111 (+1 hits since last alert)|enjoymycondos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "enjoymycondos.com"] [uri "/xmlrpc.php"] [unique_id "ak4APhQo8aCmtpyCNw25yQAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
abdubhai
2026-07-08 07:43:58
(8 hours ago)
37.61.121.111 - - [08/Jul/2026:1
...
Brute-Force
π©πͺ
EGP Abuse Dept
2026-04-15 15:28:05
(2 months ago)
Scraping webshop URLs (www.qusedpallets.com), likely botnet drone
Bad Web Bot
Exploited Host
π³π±
melroy89
2026-04-03 15:31:44
(3 months ago)
37.61.121.111 - - [03/Apr/2026:17:30:48 +0200] "GET /login HTTP/1.1" 200 1978 "https://kbin.melroy. ...
show more
37.61.121.111 - - [03/Apr/2026:17:30:48 +0200] "GET /login HTTP/1.1" 200 1978 "https://kbin.melroy.org/m/[email protected] /t/419122/Italian-investigators-trying-to-establish-why-Bayesian-superyacht-sank-so/comment/3757041" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "kbin.melroy.org" 0.034
...
show less
DDoS Attack
Anonymous
2025-11-22 15:19:32
(7 months ago)
scanning http requests from known botnet
Web App Attack
Anonymous
2024-12-21 20:10:58
(1 year ago)
Ports: 25,2525,465,587,2525; Direction: 0; Trigger: LF_DISTATTACK
Brute-Force
SSH