๐บ๐ธ
TPI-Abuse
2026-07-12 19:33:44
(20 hours ago)
(mod_security) mod_security (id:240335) triggered by 178.155.4.182 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.155.4.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 15:33:36.149016 2026] [security2:error] [pid 12201:tid 12201] [client 178.155.4.182:41160] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.155.4.182 (+1 hits since last alert)|stlouisdave.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stlouisdave.com"] [uri "/xmlrpc.php"] [unique_id "alPsEI3RyY-WYjO81HbSyQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
YF
2026-07-12 18:30:47
(21 hours ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-12 03:21:02
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 178.155.4.182 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.155.4.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 23:20:54.854205 2026] [security2:error] [pid 21456:tid 21456] [client 178.155.4.182:50268] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.155.4.182 (+1 hits since last alert)|kbalan.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kbalan.com"] [uri "/xmlrpc.php"] [unique_id "alMIFhCt3QYr-vhw8mXnCQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-11 01:48:04
(2 days ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐ฆ๐บ
clapper
2026-07-11 00:23:16
(2 days ago)
(mod_security) mod_security (id:350202) triggered by 178.155.4.182 (RU/Russia/-): 5 in the last 600 ...
show more
(mod_security) mod_security (id:350202) triggered by 178.155.4.182 (RU/Russia/-): 5 in the last 600 secs; ID: rub
show less
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-11 00:19:27
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 178.155.4.182 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.155.4.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 20:19:22.608981 2026] [security2:error] [pid 15809:tid 15809] [client 178.155.4.182:61489] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.155.4.182 (+1 hits since last alert)|warpedweed.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "warpedweed.com"] [uri "/xmlrpc.php"] [unique_id "alGMCkk2Vn0pJByWrZfWEQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 21:16:15
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 178.155.4.182 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.155.4.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 17:16:08.421324 2026] [security2:error] [pid 10741:tid 10768] [client 178.155.4.182:36915] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.155.4.182 (+1 hits since last alert)|jimlawrencesongs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jimlawrencesongs.com"] [uri "/xmlrpc.php"] [unique_id "alFhGAsOtjjLrd9JEO1hMQAAAZg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-08 22:48:01
(4 days ago)
178.155.4.182 - - [09/Jul/2026:00:47:39 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "WordPress.co ...
show more
178.155.4.182 - - [09/Jul/2026:00:47:39 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "WordPress.com; https://wordpress.com"
178.155.4.182 - - [09/Jul/2026:00:47:41 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress.com; https://wordpress.com"
178.155.4.182 - - [09/Jul/2026:00:47:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12.1; WordPress/6.3; http://site12300179.com"
178.155.4.182 - - [09/Jul/2026:00:47:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/12.1; WordPress/6.3; http://site12300179.com"
178.155.4.182 - - [09/Jul/2026:00:47:59 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 16:37:46
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 178.155.4.182 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.155.4.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 12:37:41.436549 2026] [security2:error] [pid 15440:tid 15440] [client 178.155.4.182:18938] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.155.4.182 (+1 hits since last alert)|wsffjatc.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wsffjatc.org"] [uri "/xmlrpc.php"] [unique_id "ak0rVTl2khr--Ve2DWmK8AAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-07 16:20:09
(5 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 15:56:57
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 178.155.4.182 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.155.4.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 11:56:51.865374 2026] [security2:error] [pid 3612:tid 3612] [client 178.155.4.182:63203] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.155.4.182 (+1 hits since last alert)|hookedupfishing.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hookedupfishing.net"] [uri "/xmlrpc.php"] [unique_id "ak0hw3TWjbbviIyvokEiggAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 06:04:43
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 178.155.4.182 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.155.4.182 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 02:04:40.137767 2026] [security2:error] [pid 10461:tid 10461] [client 178.155.4.182:40636] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.155.4.182 (+1 hits since last alert)|sutherlandyogastudio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sutherlandyogastudio.com"] [uri "/xmlrpc.php"] [unique_id "akiieIigK1wWsBobRplbgQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-10-20 05:32:44
(8 months ago)
Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.20 is noted in report tim ...
show more
Attempted brute force login to web vpn 2 time(s); last attempt for 2025.10.20 is noted in report timestamp
show less
Hacking
Brute-Force