πΊπΈ
TPI-Abuse
2026-06-16 19:42:09
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 45.227.73.27 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 45.227.73.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 15:42:02.677467 2026] [security2:error] [pid 899:tid 899] [client 45.227.73.27:11231] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.227.73.27 (+1 hits since last alert)|dynamic-therapy-mn.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dynamic-therapy-mn.com"] [uri "/xmlrpc.php"] [unique_id "ajGnCoIOWYrwVHwynp4q3gAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-16 17:58:23
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 45.227.73.27 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 45.227.73.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 13:58:18.365611 2026] [security2:error] [pid 32561:tid 32561] [client 45.227.73.27:11092] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.227.73.27 (+1 hits since last alert)|daisydoesoap.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "daisydoesoap.com"] [uri "/xmlrpc.php"] [unique_id "ajGOuk9K_lBOV1XP-N2JVgAAACw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-16 16:59:09
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 45.227.73.27 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 45.227.73.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 12:59:06.014500 2026] [security2:error] [pid 30432:tid 30448] [client 45.227.73.27:10965] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.227.73.27 (+1 hits since last alert)|jimlawrencesongs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jimlawrencesongs.com"] [uri "/xmlrpc.php"] [unique_id "ajGA2pjNUHF6HooaqmlahwAAAUc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
ConsulHosting
2026-06-16 12:39:36
(2 days ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
π©πͺ
abdubhai
2026-06-16 10:15:20
(2 days ago)
45.227.73.27 - - [16/Jun/2026:15
...
Brute-Force
πΊπΈ
oralunal
2026-06-16 06:15:39
(2 days ago)
IP banned by Fail2Ban in jail its-suss access.log mvfnds
...
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-16 05:58:41
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 45.227.73.27 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 45.227.73.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 01:58:33.096373 2026] [security2:error] [pid 13101:tid 13101] [client 45.227.73.27:15204] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.227.73.27 (+1 hits since last alert)|theopinionatedowl.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theopinionatedowl.com"] [uri "/xmlrpc.php"] [unique_id "ajDmCaUTIo_klAll3XPZ1gAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-16 05:00:36
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 45.227.73.27 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 45.227.73.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 01:00:29.969357 2026] [security2:error] [pid 14288:tid 14288] [client 45.227.73.27:15074] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.227.73.27 (+1 hits since last alert)|honigcpa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "honigcpa.com"] [uri "/xmlrpc.php"] [unique_id "ajDYbWQx2sF_Lum_MzNPgAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
2026-06-16 00:24:30
(2 days ago)
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-15 21:22:17
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 45.227.73.27 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 45.227.73.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 17:22:13.186840 2026] [security2:error] [pid 4253:tid 4253] [client 45.227.73.27:15010] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.227.73.27 (+1 hits since last alert)|michaelthompson.biz|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "michaelthompson.biz"] [uri "/xmlrpc.php"] [unique_id "ajBtBYw0ivtoHf5V_QjOngAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¦πΊ
screwlooseit.com.au
2026-06-15 18:47:17
(3 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
BR/Brazil/-
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-15 16:46:13
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 45.227.73.27 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 45.227.73.27 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 12:46:03.564197 2026] [security2:error] [pid 27847:tid 27847] [client 45.227.73.27:15237] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.227.73.27 (+1 hits since last alert)|mortuarymessageservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mortuarymessageservices.com"] [uri "/xmlrpc.php"] [unique_id "ajAsS7I4PjNHLeFz4CGqjQAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π²πΎ
Rizzy
2026-06-15 15:44:38
(3 days ago)
Multiple WAF Violations
Brute-Force
Web App Attack
π«π·
dynamix
2026-06-15 15:43:25
(3 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
π©πͺ
4server
2026-06-15 14:05:59
(3 days ago)
[MonJun1516:05:58.3844872026][security2:error][pid72775:tid72927][client45.227.73.27:0]ModSecurity:A ...
show more
[MonJun1516:05:58.3844872026][security2:error][pid72775:tid72927][client45.227.73.27:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"beyondsecurity.ch\"][uri\"/xmlrpc.php\"][unique_id\"ajAGxmYCS0F6nEsfSecLKwAAAQY\"]
show less
Port Scan
Brute-Force
Web App Attack