๐บ๐ธ
kosada.com
2026-07-10 03:05:11
(8 hours ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
Anonymous
2026-07-08 22:05:12
(1 day ago)
[redacted] 118.99.80.125 - - [09/Jul/2026:00:04:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 118.99.80.125 - - [09/Jul/2026:00:04:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 118.99.80.125 - - [09/Jul/2026:00:04:35 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 118.99.80.125 - - [09/Jul/2026:00:04:46 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.3)"
[redacted] 118.99.80.125 - - [09/Jul/2026:00:04:57 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)"
[redacted] 118.99.80.125 - - [09/Jul/2026:00:05:09 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)"
...
show less
Hacking
Web App Attack
Anonymous
2026-07-02 00:03:49
(1 week ago)
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ipoac.nl
2026-07-01 23:31:13
(1 week ago)
2026-07-02T01:31:12.640304+02:00 ipoac.nl wordpress(-)-: XML-RPC authentication attempt for unknown ...
show more
2026-07-02T01:31:12.640304+02:00 ipoac.nl wordpress(-)-: XML-RPC authentication attempt for unknown user 5fm from 118.99.80.125
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 12:17:58
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 118.99.80.125 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 118.99.80.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 08:17:51.035620 2026] [security2:error] [pid 31591:tid 31591] [client 118.99.80.125:2030] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 118.99.80.125 (+1 hits since last alert)|drgtek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "drgtek.com"] [uri "/xmlrpc.php"] [unique_id "aj-_b6vR_O7kxW4gG2DXawAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-27 04:31:56
(1 week ago)
[redacted] 118.99.80.125 - - [27/Jun/2026:06:31:13 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 118.99.80.125 - - [27/Jun/2026:06:31:13 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.3; http://site92111760.com"
[redacted] 118.99.80.125 - - [27/Jun/2026:06:31:24 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.2; http://site30212820.com"
[redacted] 118.99.80.125 - - [27/Jun/2026:06:31:34 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)"
[redacted] 118.99.80.125 - - [27/Jun/2026:06:31:44 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 118.99.80.125 - - [27/Jun/2026:06:31:55 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
...
show less
Hacking
Web App Attack
๐ณ๐ฑ
debestelapp
2026-06-26 23:15:09
(1 week ago)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 07:06:16
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 118.99.80.125 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 118.99.80.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 03:06:10.249789 2026] [security2:error] [pid 7856:tid 7856] [client 118.99.80.125:34351] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 118.99.80.125 (+1 hits since last alert)|bosdkbook.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bosdkbook.com"] [uri "/xmlrpc.php"] [unique_id "aj4k4rN534chr0rcvZdpqQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 06:33:07
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 118.99.80.125 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 118.99.80.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 02:33:02.206480 2026] [security2:error] [pid 12397:tid 12397] [client 118.99.80.125:40797] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 118.99.80.125 (+1 hits since last alert)|budgetbyron.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "budgetbyron.com"] [uri "/xmlrpc.php"] [unique_id "aj4dHhGM_qVqzAWJtrBblwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-26 04:03:35
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 118.99.80.125 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 118.99.80.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 00:03:27.779617 2026] [security2:error] [pid 3852:tid 3871] [client 118.99.80.125:40877] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 118.99.80.125 (+1 hits since last alert)|managementlaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "managementlaw.com"] [uri "/xmlrpc.php"] [unique_id "aj36D4BsatUEqC4J8zkoxAAAARE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
F242
2026-06-22 05:40:39
(2 weeks ago)
Wordpress soft lock
Web App Attack
๐บ๐ธ
WeekendWeb
2026-06-11 13:27:02
(4 weeks ago)
Wordpress Vunerability attack
Web App Attack
Anonymous
2026-06-11 12:25:56
(4 weeks ago)
[redacted] 118.99.80.125 - - [11/Jun/2026:14:25:12 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 118.99.80.125 - - [11/Jun/2026:14:25:12 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)"
[redacted] 118.99.80.125 - - [11/Jun/2026:14:25:22 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 118.99.80.125 - - [11/Jun/2026:14:25:32 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)"
[redacted] 118.99.80.125 - - [11/Jun/2026:14:25:43 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 118.99.80.125 - - [11/Jun/2026:14:25:55 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 10:51:36
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 118.99.80.125 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 118.99.80.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 06:51:32.888796 2026] [security2:error] [pid 11882:tid 11882] [client 118.99.80.125:9701] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 118.99.80.125 (+1 hits since last alert)|tomkatkaraoke.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tomkatkaraoke.com"] [uri "/xmlrpc.php"] [unique_id "ah61tApUiJrjtrLr4FFzzAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 10:10:15
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 118.99.80.125 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 118.99.80.125 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 06:10:06.737777 2026] [security2:error] [pid 25966:tid 25966] [client 118.99.80.125:61600] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 118.99.80.125 (+1 hits since last alert)|rodzillacharters.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rodzillacharters.com"] [uri "/xmlrpc.php"] [unique_id "ah6r_hw3r--vCHnePdx1qAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack