πΊπΈ
TPI-Abuse
2026-07-14 11:46:09
(10 hours ago)
(mod_security) mod_security (id:240335) triggered by 182.180.122.204 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 182.180.122.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 07:46:04.783370 2026] [security2:error] [pid 2005:tid 2005] [client 182.180.122.204:56931] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.180.122.204 (+1 hits since last alert)|goldcountrygermanamericanclub.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "goldcountrygermanamericanclub.org"] [uri "/xmlrpc.php"] [unique_id "alYhfMTVSxtsAdU5wJP7NwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-14 11:12:44
(11 hours ago)
(mod_security) mod_security (id:240335) triggered by 182.180.122.204 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 182.180.122.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 07:12:38.194506 2026] [security2:error] [pid 628:tid 661] [client 182.180.122.204:49425] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.180.122.204 (+1 hits since last alert)|sparkhypnotherapy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sparkhypnotherapy.com"] [uri "/xmlrpc.php"] [unique_id "alYZprbYinFnUADKKzwdkwAAARY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TAY
2026-07-14 10:39:06
(12 hours ago)
182.180.122.204 - - [14/Jul/2026:18:38:46 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5979 "-" "Jetpack/1 ...
show more
182.180.122.204 - - [14/Jul/2026:18:38:46 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5979 "-" "Jetpack/13.0; WordPress/6.1; http://site54580638.com"
182.180.122.204 - - [14/Jul/2026:18:38:54 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5979 "-" "Jetpack/12.0; WordPress/6.4; http://site68248019.com"
182.180.122.204 - - [14/Jul/2026:18:39:05 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5979 "-" "Jetpack by WordPress.com"
...
show less
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-14 06:36:47
(16 hours ago)
(mod_security) mod_security (id:240335) triggered by 182.180.122.204 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 182.180.122.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 02:36:42.821545 2026] [security2:error] [pid 3978:tid 3984] [client 182.180.122.204:55246] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.180.122.204 (+1 hits since last alert)|eliteproductions.tv|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eliteproductions.tv"] [uri "/xmlrpc.php"] [unique_id "alXY-n8NSebz7bJhQgwaMgAAAQQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π
Mario Bretscher
2026-07-13 04:04:37
(1 day ago)
Jul 13 06:04:26 beat-band.ch Cerber(beat-band.ch)[4167318]: Authentication failure for beat-band fro ...
show more
Jul 13 06:04:26 beat-band.ch Cerber(beat-band.ch)[4167318]: Authentication failure for beat-band from 182.180.122.204
Jul 13 06:04:36 beat-band.ch Cerber(beat-band.ch)[14060]: Authentication failure for beat-band from 182.180.122.204
...
show less
Web Spam
πΊπΈ
TPI-Abuse
2026-07-10 08:00:45
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 182.180.122.204 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 182.180.122.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 04:00:39.916471 2026] [security2:error] [pid 30507:tid 30507] [client 182.180.122.204:62429] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.180.122.204 (+1 hits since last alert)|budgetbyron.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "budgetbyron.com"] [uri "/xmlrpc.php"] [unique_id "alCmpyY32oXO4toUF02s3AAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-10 06:31:31
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 182.180.122.204 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 182.180.122.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 02:31:24.048587 2026] [security2:error] [pid 26757:tid 26757] [client 182.180.122.204:49415] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.180.122.204 (+1 hits since last alert)|bergenoaks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bergenoaks.com"] [uri "/xmlrpc.php"] [unique_id "alCRvBKrMhuBw3NXqXHF4QAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
neckaralb-admin.de
2026-07-09 11:24:40
(5 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
Anonymous
2026-07-09 10:41:05
(5 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
Anonymous
2026-07-09 05:48:31
(5 days ago)
(wordpress) Failed wordpress login from 182.180.122.204 (PK/Pakistan/-)
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-07 09:12:54
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 182.180.122.204 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 182.180.122.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 05:12:47.246023 2026] [security2:error] [pid 1386:tid 1386] [client 182.180.122.204:52947] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.180.122.204 (+1 hits since last alert)|tcomputerguy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tcomputerguy.com"] [uri "/xmlrpc.php"] [unique_id "akzDD94I5b-13DzriywyxAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
dynamix
2026-07-07 09:09:50
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-30 09:30:42
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 182.180.122.204 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 182.180.122.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 05:30:38.877115 2026] [security2:error] [pid 28890:tid 28943] [client 182.180.122.204:59524] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.180.122.204 (+1 hits since last alert)|woodamy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "woodamy.com"] [uri "/xmlrpc.php"] [unique_id "akOMvmH0r8iSsFYmILREWwAAANM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-30 03:22:47
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 182.180.122.204 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 182.180.122.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 23:22:44.727700 2026] [security2:error] [pid 21016:tid 21016] [client 182.180.122.204:55834] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.180.122.204 (+1 hits since last alert)|gemco-mfg.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gemco-mfg.com"] [uri "/xmlrpc.php"] [unique_id "akM2hBIqfCR9ImfETrhpxAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-29 04:43:39
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 182.180.122.204 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 182.180.122.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 00:43:36.054360 2026] [security2:error] [pid 3613:tid 3613] [client 182.180.122.204:55731] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 182.180.122.204 (+1 hits since last alert)|aseguratuauto.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "aseguratuauto.com"] [uri "/xmlrpc.php"] [unique_id "akH3-O4YiPpPRPQ1ftoq1wAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack