๐ณ๐ฑ
wlt-blocker
2026-07-02 11:36:46
(7 hours ago)
Unauthorized access to webpage admin
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 11:06:36
(7 hours ago)
(mod_security) mod_security (id:240335) triggered by 45.118.166.89 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.118.166.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 07:06:30.526832 2026] [security2:error] [pid 20615:tid 20615] [client 45.118.166.89:29932] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.118.166.89 (+1 hits since last alert)|bickleton.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bickleton.org"] [uri "/xmlrpc.php"] [unique_id "akZGNnzsfQ4WrR7K8avtngAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
YF
2026-07-02 10:01:05
(8 hours ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐บ๐ธ
WeekendWeb
2026-07-02 08:50:21
(9 hours ago)
Wordpress Vunerability attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 07:21:50
(11 hours ago)
(mod_security) mod_security (id:240335) triggered by 45.118.166.89 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.118.166.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 03:21:44.489812 2026] [security2:error] [pid 5079:tid 5079] [client 45.118.166.89:24713] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.118.166.89 (+1 hits since last alert)|magacine.tv|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "magacine.tv"] [uri "/xmlrpc.php"] [unique_id "akYRiNcZ-Q-zEvoc3AARkQAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 06:20:57
(12 hours ago)
(mod_security) mod_security (id:240335) triggered by 45.118.166.89 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.118.166.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 02:20:53.807101 2026] [security2:error] [pid 22038:tid 22038] [client 45.118.166.89:24881] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.118.166.89 (+1 hits since last alert)|astglobaltech.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "astglobaltech.com"] [uri "/xmlrpc.php"] [unique_id "akYDRenXSRbquXHgSZLqcQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 05:50:54
(12 hours ago)
(mod_security) mod_security (id:240335) triggered by 45.118.166.89 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.118.166.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 01:50:49.957454 2026] [security2:error] [pid 16781:tid 16784] [client 45.118.166.89:26545] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.118.166.89 (+1 hits since last alert)|woodamy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "woodamy.com"] [uri "/xmlrpc.php"] [unique_id "akX8OVnWoivBIoNA3ADdugAAAQE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
bazter.pro
2026-07-02 05:49:04
(12 hours ago)
Fail2Ban: plesk-bot-aggressive - 15 failures
Port Scan
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-01 17:51:14
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 16:52:43
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 45.118.166.89 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.118.166.89 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 12:52:34.848923 2026] [security2:error] [pid 15001:tid 15001] [client 45.118.166.89:27116] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.118.166.89 (+1 hits since last alert)|geriterry.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "geriterry.com"] [uri "/xmlrpc.php"] [unique_id "akVF0lm8p3ouAb9IzlRGsAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
polycoda
2026-01-26 14:45:42
(5 months ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack