๐บ๐ธ
TPI-Abuse
2026-07-14 17:29:18
(1 hour ago)
(mod_security) mod_security (id:240335) triggered by 178.156.95.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.156.95.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 13:29:14.525482 2026] [security2:error] [pid 24488:tid 24488] [client 178.156.95.50:55432] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.156.95.50 (+1 hits since last alert)|centrodentalsindolor.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "centrodentalsindolor.com"] [uri "/xmlrpc.php"] [unique_id "alZx6uiezfrFemfKuYMp5gAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-14 16:50:12
(2 hours ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-14 16:24:37
(2 hours ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 12:02:18
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 178.156.95.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.156.95.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 08:02:12.058656 2026] [security2:error] [pid 13602:tid 13602] [client 178.156.95.50:55607] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.156.95.50 (+1 hits since last alert)|psychiatryabuse.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "psychiatryabuse.com"] [uri "/xmlrpc.php"] [unique_id "alDfRAVh0Z01-_jnGKjyowAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 10:00:00
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 178.156.95.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.156.95.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 05:59:54.223598 2026] [security2:error] [pid 17421:tid 17446] [client 178.156.95.50:50777] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.156.95.50 (+1 hits since last alert)|lamcohomecare.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lamcohomecare.com"] [uri "/xmlrpc.php"] [unique_id "alDCmuvOnUtdepwcJQ3drAAAARQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 08:17:12
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 178.156.95.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.156.95.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 04:17:08.008227 2026] [security2:error] [pid 29785:tid 29785] [client 178.156.95.50:58429] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.156.95.50 (+1 hits since last alert)|benchmarkbcs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "benchmarkbcs.com"] [uri "/xmlrpc.php"] [unique_id "alCqg8Tn95VI8YvrmrHWEAAAABY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
KnightIndustries
2026-07-09 12:12:49
(5 days ago)
2026-07-09T14:12:27.079116+02:00 milkyway wordpress(oldscarborough.com)[2756360]: XML-RPC authentica ...
show more
2026-07-09T14:12:27.079116+02:00 milkyway wordpress(oldscarborough.com)[2756360]: XML-RPC authentication failure for joshua from 178.156.95.50
2026-07-09T14:12:37.638183+02:00 milkyway wordpress(oldscarborough.com)[2738247]: XML-RPC authentication failure for joshua from 178.156.95.50
2026-07-09T14:12:48.083130+02:00 milkyway wordpress(oldscarborough.com)[2755798]: XML-RPC authentication failure for joshua from 178.156.95.50
...
show less
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-07-07 17:49:36
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ซ๐ท
applemooz
2026-07-01 07:27:20
(1 week ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-24 18:49:19
(2 weeks ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
factor1
2026-06-24 18:18:01
(2 weeks ago)
Fail2ban at saturn Reports Abuse.
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 15:55:26
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 178.156.95.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.156.95.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 11:55:21.423022 2026] [security2:error] [pid 27058:tid 27072] [client 178.156.95.50:61116] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.156.95.50 (+1 hits since last alert)|tsengkwongchi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tsengkwongchi.com"] [uri "/xmlrpc.php"] [unique_id "ajv96Xjh1LNx9NZ3g3LbigAAAEY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 02:18:46
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 178.156.95.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.156.95.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 22:18:40.730386 2026] [security2:error] [pid 16199:tid 16199] [client 178.156.95.50:53144] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.156.95.50 (+1 hits since last alert)|apuntesdeinversion.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "apuntesdeinversion.com"] [uri "/xmlrpc.php"] [unique_id "ajNVgCkBGXtKUCne_czL0gAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฌ๐ง
cg-design.co.uk
2026-06-17 23:07:39
(3 weeks ago)
(mod_security) mod_security triggered on hostname [redacted] 178.156.95.50 (ES/Spain/-)
SQL Injection
๐บ๐ธ
TPI-Abuse
2026-06-17 22:28:25
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 178.156.95.50 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.156.95.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 18:28:16.788457 2026] [security2:error] [pid 24029:tid 24029] [client 178.156.95.50:59747] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.156.95.50 (+1 hits since last alert)|prayers4america.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "prayers4america.com"] [uri "/xmlrpc.php"] [unique_id "ajMfgOx_kJ6BfC5Zn_TLUQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack