๐บ๐ธ
TPI-Abuse
2026-07-03 07:04:57
(2 hours ago)
(mod_security) mod_security (id:240335) triggered by 178.73.89.104 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.73.89.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 03:04:49.630437 2026] [security2:error] [pid 16382:tid 16382] [client 178.73.89.104:41305] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.73.89.104 (+1 hits since last alert)|clayrivers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "clayrivers.com"] [uri "/xmlrpc.php"] [unique_id "akdfETRxIE_xD3SxrOUIyAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 03:49:29
(5 hours ago)
(mod_security) mod_security (id:240335) triggered by 178.73.89.104 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.73.89.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 23:49:22.756052 2026] [security2:error] [pid 7045:tid 7045] [client 178.73.89.104:40590] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.73.89.104 (+1 hits since last alert)|ismaelcavazos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ismaelcavazos.com"] [uri "/xmlrpc.php"] [unique_id "akcxQu_3PRlo_2Fq8WraIwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-02 22:28:31
(11 hours ago)
Brute-Force
Web App Attack
Anonymous
2026-07-02 21:55:04
(11 hours ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 08:31:20
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 178.73.89.104 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.73.89.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 04:31:15.579011 2026] [security2:error] [pid 32333:tid 32333] [client 178.73.89.104:41063] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.73.89.104 (+1 hits since last alert)|gacstoday.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gacstoday.com"] [uri "/xmlrpc.php"] [unique_id "akYh04h0soc83ytbN_2HBwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 05:05:54
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 178.73.89.104 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.73.89.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 01:05:47.745830 2026] [security2:error] [pid 19714:tid 19714] [client 178.73.89.104:41330] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.73.89.104 (+1 hits since last alert)|technesa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "technesa.com"] [uri "/xmlrpc.php"] [unique_id "akXxq8Gfcw1l1qqZg2GSWAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
alferez
2026-07-02 03:16:20
(1 day ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 23:34:08
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 178.73.89.104 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.73.89.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 19:34:03.183837 2026] [security2:error] [pid 6394:tid 6419] [client 178.73.89.104:40739] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.73.89.104 (+1 hits since last alert)|tradersofficepark.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tradersofficepark.com"] [uri "/xmlrpc.php"] [unique_id "akWj65pWa3oAEy9YKjfjrgAAARc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-01 23:31:36
(1 day ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
SA/Saudi Arabia/-
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 15:42:05
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 178.73.89.104 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.73.89.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 11:42:00.066804 2026] [security2:error] [pid 5589:tid 5589] [client 178.73.89.104:40186] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.73.89.104 (+1 hits since last alert)|bernsteinip.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bernsteinip.com"] [uri "/xmlrpc.php"] [unique_id "akU1SIESfhutgukucGYXkwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 22:21:45
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 178.73.89.104 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.73.89.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 18:21:37.441799 2026] [security2:error] [pid 829:tid 829] [client 178.73.89.104:40449] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.73.89.104 (+1 hits since last alert)|bbproductionsonline.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bbproductionsonline.com"] [uri "/xmlrpc.php"] [unique_id "akRBcRc9eV1ljZPPjtdodAAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Kenshin869
2026-06-30 22:19:08
(2 days ago)
Wordpress unauthorized access attempt
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-30 19:23:36
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 178.73.89.104 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.73.89.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 15:23:30.891939 2026] [security2:error] [pid 10431:tid 10431] [client 178.73.89.104:39419] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.73.89.104 (+1 hits since last alert)|wwfstudio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wwfstudio.com"] [uri "/xmlrpc.php"] [unique_id "akQXsgCFvTh9o3fkzWyYrgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-30 16:56:15
(2 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 16:29:02
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 178.73.89.104 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 178.73.89.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 12:28:55.561746 2026] [security2:error] [pid 19163:tid 19163] [client 178.73.89.104:39712] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 178.73.89.104 (+1 hits since last alert)|joevallone.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "joevallone.com"] [uri "/xmlrpc.php"] [unique_id "akPux8x2eLCOxgymr5ZbwAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack