๐ซ๐ท
SpaceHost-Server
2026-07-02 22:32:33
(12 hours ago)
Brute-Force
Web App Attack
๐ฌ๐ท
setupgr
2026-07-01 08:21:21
(2 days ago)
(wplogin_block) Blocked WP-Login Access Attempt 4.193.179.5 (SG/Singapore/-/Singapore/-/[AS8075 MICR ...
show more
(wplogin_block) Blocked WP-Login Access Attempt 4.193.179.5 (SG/Singapore/-/Singapore/-/[AS8075 MICROSOFT-CORP-MSN-AS-BLOCK]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 4.193.179.5 - - [01/Jul/2026:11:07:45 +0300] "GET /wp-login.php?redirect_to=https%3A%2F%2Fadoro.gr%2Fwp-admin%2F&reauth=1 HTTP/1.1" 200 8713 "-" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36"
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-01 08:08:37
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 4.193.179.5 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 4.193.179.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 04:08:31.433266 2026] [security2:error] [pid 18663:tid 18663] [client 4.193.179.5:6548] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 4.193.179.5 (+1 hits since last alert)|ritterlien.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ritterlien.com"] [uri "/xmlrpc.php"] [unique_id "akTK_0EbAXjy4Rl4DKxrJQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฟ
ddw
2026-07-01 08:07:59
(2 days ago)
Access Violation Attempts - Multiple 403 Forbidden responses.
Hacking
Bad Web Bot
Web App Attack
๐ฉ๐ฐ
ScamAware
2026-07-01 08:00:22
(2 days ago)
Detected by Cloudflare Security Events via WordPress automation. Detection: bad_bot_scanner (Bad bot ...
show more
Detected by Cloudflare Security Events via WordPress automation. Detection: bad_bot_scanner (Bad bot / scanner behavior). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: managed_challenge. Cloudflare source: botFight.
show less
Bad Web Bot
๐ฉ๐ช
pscriptos
2026-07-01 07:33:13
(2 days ago)
{"ClientAddr":"4.193.179.5:6158","ClientHost":"4.193.179.5","ClientPort":"6158","ClientUsername":"-" ...
show more
{"ClientAddr":"4.193.179.5:6158","ClientHost":"4.193.179.5","ClientPort":"6158","ClientUsername":"-","DownstreamContentSize":418,"DownstreamStatus":403,"Duration":117265583,"OriginContentSize":418,"OriginDuration":114532055,"OriginStatus":403,"Overhead":2733528,"RequestAddr":"www.cleveradmin.de","RequestContentSize":206,"RequestCount":27185,"RequestHost":"www.cleveradmin.de","RequestMethod":"POST","RequestPath":"/xmlrpc.php","RequestPort":"-","RequestProtocol":"HTTP/1.1","RequestScheme":"https","RetryAttempts":0,"RouterName":"cleveradmin-www-websecure@file","ServiceAddr":"172.16.80.10:80","ServiceName":"cleveradmin-www@file","ServiceURL":"http://172.16.80.10:80","StartLocal":"2026-07-01T09:33:10.596424882+02:00","StartUTC":"2026-07-01T07:33:10.596424882Z","TLSCipher":"TLS_AES_128_GCM_SHA256","TLSVersion":"1.3","entryPointName":"websecure","level":"info","msg":"","time":"2026-07-01T09:33:10+02:00"}
{"ClientAddr":"4.193.179.5:6157","ClientHost":"4.193.179.5","ClientPort":"6157","ClientUs
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 07:14:32
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 4.193.179.5 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 4.193.179.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 03:14:27.358044 2026] [security2:error] [pid 4429:tid 4429] [client 4.193.179.5:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 4.193.179.5 (+1 hits since last alert)|rodrigoaldecoa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rodrigoaldecoa.com"] [uri "/xmlrpc.php"] [unique_id "akS-U1IQwOm9eNy1mFFDaQAAAEg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 06:56:22
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 4.193.179.5 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 4.193.179.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 02:56:16.765246 2026] [security2:error] [pid 3257:tid 3257] [client 4.193.179.5:4616] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 4.193.179.5 (+1 hits since last alert)|robinsnestingplace.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "robinsnestingplace.net"] [uri "/xmlrpc.php"] [unique_id "akS6EPCIMZj1rNBGAY-ieAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Mundo Bueno
2026-07-01 06:34:29
(2 days ago)
[ISILIA Protection v2.1] Tentative d'accรจs: /xmlrpc.php | Pays: SG | UA: Mozilla/5.0 (Windows NT 10. ...
show more
[ISILIA Protection v2.1] Tentative d'accรจs: /xmlrpc.php | Pays: SG | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Sa
show less
Hacking
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-01 06:30:30
(2 days ago)
rjryanpartners.com.au:443 4.193.179.5 - - [01/Jul/2026:16:30:28 +1000] "GET /?author=1 HTTP/1.1" 404 ...
show more
rjryanpartners.com.au:443 4.193.179.5 - - [01/Jul/2026:16:30:28 +1000] "GET /?author=1 HTTP/1.1" 404 3802 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐ฌ๐ท
setupgr
2026-07-01 05:26:59
(2 days ago)
(wplogin_block) Blocked WP-Login Access Attempt 4.193.179.5 (-): 1 in the last 86400 secs; Ports: *; ...
show more
(wplogin_block) Blocked WP-Login Access Attempt 4.193.179.5 (-): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 4.193.179.5 - - [01/Jul/2026:08:26:46 +0300] "GET /wp-login.php?redirect_to=https%3A%2F%2Fions.gr%2Fwp-admin%2F&reauth=1 HTTP/1.1" 200 5026 "-" "Mozilla/5.0 (Linux; Android 14; SM-G998B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Mobile Safari/537.36"
show less
Port Scan
๐บ๐ธ
omc
2026-07-01 05:22:23
(2 days ago)
Banned IP [QC]. GET /wp-content/plugins/fix/up.php [Q4].
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-01 05:11:34
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 4.193.179.5 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 4.193.179.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 01:11:29.805818 2026] [security2:error] [pid 5737:tid 5737] [client 4.193.179.5:4616] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 4.193.179.5 (+1 hits since last alert)|reyadecostarica.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "reyadecostarica.com"] [uri "/xmlrpc.php"] [unique_id "akShgQn1b98p8uH12RWA0wAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
debestelapp
2026-07-01 04:45:05
(2 days ago)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 04:35:25
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 4.193.179.5 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 4.193.179.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 00:35:20.443145 2026] [security2:error] [pid 27471:tid 27471] [client 4.193.179.5:4743] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 4.193.179.5 (+1 hits since last alert)|intelerium.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "intelerium.com"] [uri "/xmlrpc.php"] [unique_id "akSZCFD_wvZT8sSNbs4mfgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack