๐บ๐ธ
TPI-Abuse
2026-07-04 11:32:32
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 157.119.178.128 (157.119.178.128.broad-band.jpr ...
show more
(mod_security) mod_security (id:240335) triggered by 157.119.178.128 (157.119.178.128.broad-band.jprchannel.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 07:32:27.221981 2026] [security2:error] [pid 28840:tid 28840] [client 157.119.178.128:62156] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 157.119.178.128 (+1 hits since last alert)|shannonraevocalstudio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "shannonraevocalstudio.com"] [uri "/xmlrpc.php"] [unique_id "akjvS4Oe9ds-PqGfGcK2JgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-04 06:07:02
(5 days ago)
Trying to access config files
Web App Attack
Anonymous
2026-07-03 05:06:25
(6 days ago)
Trying to access config files
Web App Attack
Anonymous
2026-07-01 13:19:03
(1 week ago)
157.119.178.128 - - [01/Jul/2026:15:18:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 847 "-" "Jetpack by ...
show more
157.119.178.128 - - [01/Jul/2026:15:18:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 847 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)"
157.119.178.128 - - [01/Jul/2026:15:18:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 657 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)"
157.119.178.128 - - [01/Jul/2026:15:18:51 +0200] "POST /xmlrpc.php HTTP/1.1" 200 847 "-" "Jetpack/13.0; WordPress/6.4; http://site36240922.com"
157.119.178.128 - - [01/Jul/2026:15:18:52 +0200] "POST /xmlrpc.php HTTP/1.1" 200 657 "-" "Jetpack/13.0; WordPress/6.4; http://site36240922.com"
157.119.178.128 - - [01/Jul/2026:15:19:02 +0200] "POST /xmlrpc.php HTTP/1.1" 200 847 "-" "Jetpack by WordPress.com"
...
show less
Brute-Force
Web App Attack
Anonymous
2026-07-01 13:06:04
(1 week ago)
Trying to access config files
Web App Attack
Anonymous
2026-06-29 12:37:34
(1 week ago)
[redacted] 157.119.178.128 - - [29/Jun/2026:14:36:48 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ...
show more
[redacted] 157.119.178.128 - - [29/Jun/2026:14:36:48 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.4)"
[redacted] 157.119.178.128 - - [29/Jun/2026:14:36:58 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 157.119.178.128 - - [29/Jun/2026:14:37:09 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.2; http://site89570769.com"
[redacted] 157.119.178.128 - - [29/Jun/2026:14:37:20 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 157.119.178.128 - - [29/Jun/2026:14:37:30 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.3; http://site21181136.com"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 06:12:47
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 157.119.178.128 (157.119.178.128.broad-band.jpr ...
show more
(mod_security) mod_security (id:240335) triggered by 157.119.178.128 (157.119.178.128.broad-band.jprchannel.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 02:12:42.477769 2026] [security2:error] [pid 15916:tid 15916] [client 157.119.178.128:60294] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 157.119.178.128 (+1 hits since last alert)|qed-consulting.co|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "qed-consulting.co"] [uri "/xmlrpc.php"] [unique_id "akIM2pj19MkG6qhPV2_R4AAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 11:08:54
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 157.119.178.128 (157.119.178.128.broad-band.jpr ...
show more
(mod_security) mod_security (id:240335) triggered by 157.119.178.128 (157.119.178.128.broad-band.jprchannel.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 07:08:50.311212 2026] [security2:error] [pid 25980:tid 26007] [client 157.119.178.128:58469] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 157.119.178.128 (+1 hits since last alert)|grupojdg.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "grupojdg.com"] [uri "/xmlrpc.php"] [unique_id "akEAwt0itd2Xb6It_lDwLQAAAIg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-28 05:30:02
(1 week ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 05:03:55
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 157.119.178.128 (157.119.178.128.broad-band.jpr ...
show more
(mod_security) mod_security (id:240335) triggered by 157.119.178.128 (157.119.178.128.broad-band.jprchannel.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 01:03:49.581746 2026] [security2:error] [pid 5168:tid 5168] [client 157.119.178.128:61407] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 157.119.178.128 (+1 hits since last alert)|canebrakes.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "canebrakes.com"] [uri "/xmlrpc.php"] [unique_id "akCrNejsjHYixJgSzWl6jAAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 12:43:58
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 157.119.178.128 (157.119.178.128.broad-band.jpr ...
show more
(mod_security) mod_security (id:240335) triggered by 157.119.178.128 (157.119.178.128.broad-band.jprchannel.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 08:43:53.049347 2026] [security2:error] [pid 19965:tid 19965] [client 157.119.178.128:56810] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 157.119.178.128 (+1 hits since last alert)|geckoturner.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "geckoturner.com"] [uri "/xmlrpc.php"] [unique_id "aj_FifDtWzBjrvytcFKy2wAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
debestelapp
2026-06-26 12:45:05
(1 week ago)
Web App Attack
๐ฌ๐ง
Apache
2026-06-26 12:23:33
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 157.119.178.128 (IN/India/157.119.178.128.broad ...
show more
(mod_security) mod_security (id:240335) triggered by 157.119.178.128 (IN/India/157.119.178.128.broad-band.jprchannel.net): 5 in the last 300 secs
show less
Brute-Force
Web App Attack
๐ฉ๐ช
Marc
2026-06-26 05:40:23
(1 week ago)
157.119.178.128 - - [26/Jun/2026:07:40:02 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3404 "-" "Jetpack/1 ...
show more
157.119.178.128 - - [26/Jun/2026:07:40:02 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3404 "-" "Jetpack/12.1; WordPress/6.3; http://site79043843.com" 157.119.178.128 - - [26/Jun/2026:07:40:11 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3403 "-" "WordPress.com; https://wordpress.com" 157.119.178.128 - - [26/Jun/2026:07:40:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3403 "-" "Jetpack/12.1; WordPress/6.2; http://site26093440.com"
show less
Brute-Force
Web App Attack