๐บ๐ธ
TPI-Abuse
2026-06-29 14:58:18
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 178.178.103.151 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 178.178.103.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 10:58:09.124035 2026] [security2:error] [pid 6887:tid 6887] [client 178.178.103.151:9579] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.178.103.151 (+1 hits since last alert)|roguetechscene.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "roguetechscene.com"] [uri "/xmlrpc.php"] [unique_id "akKIAW-nqAU825qchuhauwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
botreporter
2026-06-29 12:07:24
(4 days ago)
botnet ignoring robots.txt
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-26 15:09:08
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 178.178.103.151 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 178.178.103.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 11:09:01.155883 2026] [security2:error] [pid 9091:tid 9091] [client 178.178.103.151:2191] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.178.103.151 (+1 hits since last alert)|genevaatlantic.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "genevaatlantic.com"] [uri "/xmlrpc.php"] [unique_id "aj6WDWKIzmnsGiMHxVJiUwAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-25 20:54:48
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 178.178.103.151 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 178.178.103.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 16:54:41.921769 2026] [security2:error] [pid 4879:tid 4879] [client 178.178.103.151:57894] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.178.103.151 (+1 hits since last alert)|servecon.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "servecon.net"] [uri "/xmlrpc.php"] [unique_id "aj2VkdVBqRLkZ078WEx_AwAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-23 15:30:25
(1 week ago)
[redacted] 178.178.103.151 - - [23/Jun/2026:17:29:42 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ...
show more
[redacted] 178.178.103.151 - - [23/Jun/2026:17:29:42 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 178.178.103.151 - - [23/Jun/2026:17:29:52 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 178.178.103.151 - - [23/Jun/2026:17:30:03 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)"
[redacted] 178.178.103.151 - - [23/Jun/2026:17:30:13 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 178.178.103.151 - - [23/Jun/2026:17:30:24 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
...
show less
Hacking
Web App Attack
๐ซ๐ท
dynamix
2026-06-22 19:09:28
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-06-16 18:39:10
(2 weeks ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-15 19:20:26
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 178.178.103.151 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 178.178.103.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 15:20:22.274899 2026] [security2:error] [pid 17041:tid 17077] [client 178.178.103.151:18018] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.178.103.151 (+1 hits since last alert)|artmarialeon.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "artmarialeon.com"] [uri "/xmlrpc.php"] [unique_id "ajBQdgbYFnlm80YZav72XAAAAVg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
WeekendWeb
2026-06-14 23:03:12
(2 weeks ago)
Wordpress Vunerability attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 21:43:09
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 178.178.103.151 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 178.178.103.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 17:43:01.970570 2026] [security2:error] [pid 24487:tid 24487] [client 178.178.103.151:17476] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.178.103.151 (+1 hits since last alert)|doctoredwinalvarez.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "doctoredwinalvarez.com"] [uri "/xmlrpc.php"] [unique_id "ah9OZcWy8skTpG3-CwgqMAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 14:52:19
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 178.178.103.151 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 178.178.103.151 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 10:52:12.911676 2026] [security2:error] [pid 31104:tid 31104] [client 178.178.103.151:42667] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.178.103.151 (+1 hits since last alert)|fredlandia.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fredlandia.com"] [uri "/xmlrpc.php"] [unique_id "ah7uHPrq3M12y667fUX-QAAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-06-01 18:53:25
(1 month ago)
178.178.103.151 - - [01/Jun/2026:20:53:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack b ...
show more
178.178.103.151 - - [01/Jun/2026:20:53:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by WordPress.com"
178.178.103.151 - - [01/Jun/2026:20:53:13 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by WordPress.com"
178.178.103.151 - - [01/Jun/2026:20:53:24 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.4)"
show less
Hacking
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-06-01 18:38:02
(1 month ago)
178.178.103.151 - - [01/Jun/2026:20:37:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack b ...
show more
178.178.103.151 - - [01/Jun/2026:20:37:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by WordPress.com"
178.178.103.151 - - [01/Jun/2026:20:37:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "WordPress.com; https://wordpress.com"
178.178.103.151 - - [01/Jun/2026:20:38:01 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "WordPress.com; https://wordpress.com"
show less
Hacking
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-06-01 16:35:31
(1 month ago)
178.178.103.151 - - [01/Jun/2026:18:35:08 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack/1 ...
show more
178.178.103.151 - - [01/Jun/2026:18:35:08 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack/12.5; WordPress/6.2; http://site79722333.com"
178.178.103.151 - - [01/Jun/2026:18:35:19 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "WordPress.com; https://wordpress.com"
178.178.103.151 - - [01/Jun/2026:18:35:29 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4894 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)"
show less
Hacking
Web App Attack