๐ช๐ธ
masterguru
2026-07-05 00:12:33
(2 hours ago)
(xmlrpc) Failed xmlrpc access from 180.242.9.95 (ID/Indonesia/-): 5 in the last 3600 secs (0-122)
Hacking
๐ซ๐ท
SpaceHost-Server
2026-07-04 22:28:46
(3 hours ago)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 15:25:13
(10 hours ago)
(mod_security) mod_security (id:240335) triggered by 180.242.9.95 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 180.242.9.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 11:25:08.923679 2026] [security2:error] [pid 2779:tid 2779] [client 180.242.9.95:16541] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.242.9.95 (+1 hits since last alert)|airdriedrivingschool.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airdriedrivingschool.com"] [uri "/xmlrpc.php"] [unique_id "akkl1IxGmqeTYBgL_jjbagAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 06:48:34
(19 hours ago)
(mod_security) mod_security (id:240335) triggered by 180.242.9.95 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 180.242.9.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 02:48:17.585018 2026] [security2:error] [pid 21663:tid 21663] [client 180.242.9.95:50769] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.242.9.95 (+1 hits since last alert)|talkingmess.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "talkingmess.com"] [uri "/xmlrpc.php"] [unique_id "akissWFjxIV76skOAGCpUAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-04 05:54:10
(20 hours ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-04 04:29:26
(21 hours ago)
(mod_security) mod_security (id:240335) triggered by 180.242.9.95 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 180.242.9.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 00:29:19.732191 2026] [security2:error] [pid 18085:tid 18085] [client 180.242.9.95:54321] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.242.9.95 (+1 hits since last alert)|climasyequipos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "climasyequipos.com"] [uri "/xmlrpc.php"] [unique_id "akiMH-3635-dNGxEDvP9iAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-04 03:50:01
(22 hours ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-04 03:40:15
(22 hours ago)
(mod_security) mod_security (id:240335) triggered by 180.242.9.95 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 180.242.9.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 23:40:10.878492 2026] [security2:error] [pid 17981:tid 17981] [client 180.242.9.95:64558] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.242.9.95 (+1 hits since last alert)|goseethenurse.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "goseethenurse.com"] [uri "/xmlrpc.php"] [unique_id "akiAmqoF88mAMvEbKmMH8gAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-04 03:05:17
(23 hours ago)
5.803 post requests in 1 hour (2w6d3h)
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-04 00:40:30
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 180.242.9.95 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 180.242.9.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 20:40:24.927734 2026] [security2:error] [pid 27773:tid 27773] [client 180.242.9.95:62482] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.242.9.95 (+1 hits since last alert)|globaldentalservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "globaldentalservices.com"] [uri "/xmlrpc.php"] [unique_id "akhWeB67F_y9V0NPc4G7HgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-03 22:28:45
(1 day ago)
Brute-Force
Web App Attack
๐บ๐ธ
WeekendWeb
2026-07-03 21:29:40
(1 day ago)
Wordpress Vunerability attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 17:13:53
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 180.242.9.95 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 180.242.9.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 13:13:47.497413 2026] [security2:error] [pid 23048:tid 23136] [client 180.242.9.95:65247] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.242.9.95 (+1 hits since last alert)|wedgwoodclub.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wedgwoodclub.com"] [uri "/xmlrpc.php"] [unique_id "akfty4i49u_PRuXnVeyYUQAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-03 15:10:17
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฉ๐ช
rh24
2026-07-03 13:50:21
(1 day ago)
(wordpress) Failed wordpress login from 180.242.9.95 (ID/Indonesia/-): (CF_ENABLE)
Brute-Force