๐บ๐ธ
TPI-Abuse
2026-07-02 20:21:28
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 178.72.79.244 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.72.79.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 16:21:19.809948 2026] [security2:error] [pid 4725:tid 4725] [client 178.72.79.244:56668] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.72.79.244 (+1 hits since last alert)|idmadventures.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "idmadventures.com"] [uri "/xmlrpc.php"] [unique_id "akbIP4Vp6NVBbfdF9fjnKwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-02 20:19:56
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-02 18:49:34
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 178.72.79.244 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.72.79.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 14:49:30.289433 2026] [security2:error] [pid 26126:tid 26126] [client 178.72.79.244:57739] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.72.79.244 (+1 hits since last alert)|rdhtrucking.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rdhtrucking.com"] [uri "/xmlrpc.php"] [unique_id "akayusPrehFuONGVX2OY0gAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 16:15:46
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 178.72.79.244 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.72.79.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 12:15:39.934060 2026] [security2:error] [pid 12337:tid 12337] [client 178.72.79.244:55911] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.72.79.244 (+1 hits since last alert)|38floorsupply.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "38floorsupply.com"] [uri "/xmlrpc.php"] [unique_id "akaOqw9n4OpFtwS_n9647QAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 12:06:05
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 178.72.79.244 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.72.79.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 08:06:01.175832 2026] [security2:error] [pid 30322:tid 30322] [client 178.72.79.244:63678] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.72.79.244 (+1 hits since last alert)|techoutletec.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "techoutletec.com"] [uri "/xmlrpc.php"] [unique_id "akZUKczCpMhA8DxkqIeD9wAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-02 12:05:05
(1 day ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
RU/Russia/-
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 11:04:53
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 178.72.79.244 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.72.79.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 07:04:48.827042 2026] [security2:error] [pid 6380:tid 6380] [client 178.72.79.244:50324] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.72.79.244 (+1 hits since last alert)|primemanagementmn.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "primemanagementmn.com"] [uri "/xmlrpc.php"] [unique_id "akZF0LfqpUpku2MHnFukewAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-02 02:12:20
(2 days ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
Anonymous
2026-07-01 19:07:03
(2 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 18:07:10
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 178.72.79.244 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.72.79.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 14:07:04.422618 2026] [security2:error] [pid 23626:tid 23653] [client 178.72.79.244:60871] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.72.79.244 (+1 hits since last alert)|arizonasolutionsgroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "arizonasolutionsgroup.com"] [uri "/xmlrpc.php"] [unique_id "akVXSNhoArg1uvc_Gh7xSAAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
YF
2026-07-01 11:00:38
(3 days ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐ฒ๐พ
Rizzy
2026-07-01 06:11:52
(3 days ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 05:12:21
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 178.72.79.244 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.72.79.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 01:12:16.401633 2026] [security2:error] [pid 15388:tid 15388] [client 178.72.79.244:57062] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.72.79.244 (+1 hits since last alert)|takeapawsboston.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "takeapawsboston.com"] [uri "/xmlrpc.php"] [unique_id "akShsM4GeN6oZHXcGGOlGQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-01 04:07:46
(3 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-07-01 01:56:16
(3 days ago)
Bad Web Bot
Web App Attack