๐บ๐ธ
TPI-Abuse
2026-07-05 05:30:50
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 180.242.96.209 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 180.242.96.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 01:30:43.592597 2026] [security2:error] [pid 10412:tid 10412] [client 180.242.96.209:58854] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.242.96.209 (+1 hits since last alert)|97films.media|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "97films.media"] [uri "/xmlrpc.php"] [unique_id "aknsA-EEU5aZ6OayIlSOpQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-05 02:12:46
(1 day ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
Anonymous
2026-07-05 01:12:08
(1 day ago)
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 22:08:57
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 180.242.96.209 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 180.242.96.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 18:08:54.514282 2026] [security2:error] [pid 25057:tid 25057] [client 180.242.96.209:61076] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.242.96.209 (+1 hits since last alert)|aandbnaturalfoods.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "aandbnaturalfoods.com"] [uri "/xmlrpc.php"] [unique_id "akmEdmQa6qbsgjb4uIwbwwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ช
cmbplf
2026-07-04 11:29:10
(1 day ago)
3.795 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-04 11:25:31
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 180.242.96.209 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 180.242.96.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 07:25:14.402972 2026] [security2:error] [pid 9901:tid 9922] [client 180.242.96.209:61437] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.242.96.209 (+1 hits since last alert)|councilofforeignministers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "councilofforeignministers.com"] [uri "/xmlrpc.php"] [unique_id "akjtmmX-2l0TpQWuKTRsfAAAAQY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
alferez
2026-07-04 11:16:21
(1 day ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
WeekendWeb
2026-07-04 07:16:18
(2 days ago)
Wordpress Vunerability attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 01:51:36
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 180.242.96.209 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 180.242.96.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 21:51:22.103125 2026] [security2:error] [pid 28523:tid 28523] [client 180.242.96.209:59119] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.242.96.209 (+1 hits since last alert)|nccb.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nccb.org"] [uri "/xmlrpc.php"] [unique_id "akhnGu-ZPFUH65XQw0OJowAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 01:19:10
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 180.242.96.209 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 180.242.96.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 21:19:07.106339 2026] [security2:error] [pid 30102:tid 30102] [client 180.242.96.209:60151] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.242.96.209 (+1 hits since last alert)|edgebiopharma.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "edgebiopharma.com"] [uri "/xmlrpc.php"] [unique_id "akhfi1kRjT5P1DxmZQSvUAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-04 00:46:44
(2 days ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐ฉ๐ช
Marc
2026-07-03 22:13:17
(2 days ago)
180.242.96.209 - - [04/Jul/2026:00:12:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3295 "-" "WordPress. ...
show more
180.242.96.209 - - [04/Jul/2026:00:12:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3295 "-" "WordPress.com; https://wordpress.com" 180.242.96.209 - - [04/Jul/2026:00:13:05 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3295 "-" "Jetpack by WordPress.com" 180.242.96.209 - - [04/Jul/2026:00:13:16 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3295 "-" "Jetpack/12.1; WordPress/6.4; http://site57542225.com"
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 21:46:26
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 180.242.96.209 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 180.242.96.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:46:20.015712 2026] [security2:error] [pid 19379:tid 19392] [client 180.242.96.209:53726] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.242.96.209 (+1 hits since last alert)|minutosrobados.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "minutosrobados.com"] [uri "/xmlrpc.php"] [unique_id "akgtrLkfyOzz6KRVngNugAAAAMk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-07-03 21:10:04
(2 days ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 11:45:43
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 180.242.96.209 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 180.242.96.209 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 07:45:36.355947 2026] [security2:error] [pid 15272:tid 15272] [client 180.242.96.209:58480] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 180.242.96.209 (+1 hits since last alert)|mavikalem.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mavikalem.org"] [uri "/xmlrpc.php"] [unique_id "akeg4B5Nk4vmOg_ytSq9jAAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack