๐บ๐ธ
kosada.com
2026-06-29 08:10:40
(11 hours ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
๐ฆ๐บ
MAGIC
2026-06-27 04:57:37
(2 days ago)
VM1 Bad user agents ignoring web crawling rules. Draing bandwidth
DDoS Attack
Bad Web Bot
๐ฉ๐ช
Vegascosmetics
2026-06-26 14:59:44
(3 days ago)
(Kingcopy.org-AI-IDS-Report):IP automatically blocked after suspicious activity. Vegas Security
DDoS Attack
Hacking
Exploited Host
๐ณ๐ฑ
ipoac.nl
2026-06-25 23:30:50
(3 days ago)
2026-06-26T01:30:49.762892+02:00 ipoac.nl wordpress(-)-: XML-RPC authentication attempt for unknown ...
show more
2026-06-26T01:30:49.762892+02:00 ipoac.nl wordpress(-)-: XML-RPC authentication attempt for unknown user 5fm from 38.172.162.41
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 22:01:53
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 18:01:47.098569 2026] [security2:error] [pid 3086:tid 3086] [client 38.172.162.41:56944] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 38.172.162.41 (+1 hits since last alert)|fundingangelinvestors.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fundingangelinvestors.com"] [uri "/xmlrpc.php"] [unique_id "aj2lS9g0Gz5DAC5CdMYu1AAAADE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-25 22:00:05
(3 days ago)
(wordpress) Failed wordpress login from 38.172.162.41 (VE/Venezuela/-)
Brute-Force
Anonymous
2026-06-25 21:58:40
(3 days ago)
Fail2ban filtered
...
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 21:00:45
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 17:00:39.880942 2026] [security2:error] [pid 24124:tid 24124] [client 38.172.162.41:57199] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 38.172.162.41 (+1 hits since last alert)|firstunitedreserve.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "firstunitedreserve.com"] [uri "/xmlrpc.php"] [unique_id "aj2W9504bsWTkIGv3LjgiwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-25 19:55:49
(3 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 15:31:38
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 11:31:30.922680 2026] [security2:error] [pid 26515:tid 26515] [client 38.172.162.41:56594] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 38.172.162.41 (+1 hits since last alert)|starcrestsales.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "starcrestsales.com"] [uri "/xmlrpc.php"] [unique_id "aj1J0kr04hV384wm3uVkTQAAACs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 22:37:03
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 18:36:55.975781 2026] [security2:error] [pid 18961:tid 18961] [client 38.172.162.41:57166] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 38.172.162.41 (+1 hits since last alert)|artbytracyjane.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "artbytracyjane.com"] [uri "/xmlrpc.php"] [unique_id "ajxcB4nN_P4RTbvScDFFMgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
debestelapp
2026-06-24 21:55:05
(4 days ago)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 19:01:45
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 38.172.162.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 15:01:42.081999 2026] [security2:error] [pid 31291:tid 31291] [client 38.172.162.41:56882] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 38.172.162.41 (+1 hits since last alert)|ardath.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ardath.net"] [uri "/xmlrpc.php"] [unique_id "ajwplpqSTD9CqJKjfm3VMQAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-24 15:47:13
(5 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-05-31 21:41:10
(4 weeks ago)
Attac
Brute-Force