๐บ๐ธ
TPI-Abuse
2026-07-17 09:16:12
(2 hours ago)
(mod_security) mod_security (id:240335) triggered by 78.131.69.227 (78-131-69-227.pool.digikabel.hu) ...
show more
(mod_security) mod_security (id:240335) triggered by 78.131.69.227 (78-131-69-227.pool.digikabel.hu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 05:16:05.946693 2026] [security2:error] [pid 509626:tid 509734] [client 78.131.69.227:57390] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 78.131.69.227 (+1 hits since last alert)|metropaint.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "metropaint.net"] [uri "/xmlrpc.php"] [unique_id "alny1RXb8EgjrviTGENUcgAAAcw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 05:04:16
(6 hours ago)
(mod_security) mod_security (id:240335) triggered by 78.131.69.227 (78-131-69-227.pool.digikabel.hu) ...
show more
(mod_security) mod_security (id:240335) triggered by 78.131.69.227 (78-131-69-227.pool.digikabel.hu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 01:04:11.409643 2026] [security2:error] [pid 5832:tid 5832] [client 78.131.69.227:57446] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 78.131.69.227 (+1 hits since last alert)|theseoscribe.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theseoscribe.com"] [uri "/xmlrpc.php"] [unique_id "alm3y3w_zEOSaOvGY4tcXwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Mundo Bueno
2026-07-17 03:05:35
(8 hours ago)
[ISILIA Protection v2.1] Tentative d'accรจs: /xmlrpc.php | Pays: HU | UA: Jetpack/12.1; WordPress/6.1 ...
show more
[ISILIA Protection v2.1] Tentative d'accรจs: /xmlrpc.php | Pays: HU | UA: Jetpack/12.1; WordPress/6.1; http://site13115918.com
show less
Hacking
Web App Attack
๐บ๐ธ
Mundo Bueno
2026-07-17 02:50:25
(9 hours ago)
[ISILIA Protection v2.1] Tentative d'accรจs: /xmlrpc.php | Pays: HU | UA: Jetpack/12.1; WordPress/6.2 ...
show more
[ISILIA Protection v2.1] Tentative d'accรจs: /xmlrpc.php | Pays: HU | UA: Jetpack/12.1; WordPress/6.2; http://site67887371.com
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 02:36:22
(9 hours ago)
(mod_security) mod_security (id:240335) triggered by 78.131.69.227 (78-131-69-227.pool.digikabel.hu) ...
show more
(mod_security) mod_security (id:240335) triggered by 78.131.69.227 (78-131-69-227.pool.digikabel.hu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 22:36:19.416865 2026] [security2:error] [pid 14015:tid 14015] [client 78.131.69.227:55717] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 78.131.69.227 (+1 hits since last alert)|coyotebytes.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "coyotebytes.net"] [uri "/xmlrpc.php"] [unique_id "almVI4Jx06ZAM7eDgYTSxQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
Mundo Bueno
2026-07-17 02:35:19
(9 hours ago)
[ISILIA Protection v2.1] Tentative d'accรจs: /xmlrpc.php | Pays: HU | UA: Jetpack by WordPress.com (J ...
show more
[ISILIA Protection v2.1] Tentative d'accรจs: /xmlrpc.php | Pays: HU | UA: Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)
show less
Hacking
Web App Attack
๐ช๐ธ
masterguru
2026-07-17 00:54:12
(10 hours ago)
(xmlrpc) Failed xmlrpc access from 78.131.69.227 (HU/Hungary/78-131-69-227.pool.digikabel.hu): 5 in ...
show more
(xmlrpc) Failed xmlrpc access from 78.131.69.227 (HU/Hungary/78-131-69-227.pool.digikabel.hu): 5 in the last 3600 secs (0-122)
show less
Hacking
Anonymous
2026-07-16 23:39:03
(12 hours ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
Anonymous
2026-07-16 20:46:12
(15 hours ago)
[redacted] 78.131.69.227 - - [16/Jul/2026:22:45:16 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "W ...
show more
[redacted] 78.131.69.227 - - [16/Jul/2026:22:45:16 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 78.131.69.227 - - [16/Jul/2026:22:45:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.4; http://site68731105.com"
[redacted] 78.131.69.227 - - [16/Jul/2026:22:45:43 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)"
[redacted] 78.131.69.227 - - [16/Jul/2026:22:45:57 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.1; http://site81607611.com"
[redacted] 78.131.69.227 - - [16/Jul/2026:22:46:11 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.3; http://site39911854.com"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 19:40:23
(16 hours ago)
(mod_security) mod_security (id:240335) triggered by 78.131.69.227 (78-131-69-227.pool.digikabel.hu) ...
show more
(mod_security) mod_security (id:240335) triggered by 78.131.69.227 (78-131-69-227.pool.digikabel.hu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 15:40:17.438193 2026] [security2:error] [pid 30797:tid 30797] [client 78.131.69.227:63524] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 78.131.69.227 (+1 hits since last alert)|bluemarineboats.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bluemarineboats.com"] [uri "/xmlrpc.php"] [unique_id "alkzoeZMHc04Xh7N0kqo-gAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-16 19:01:51
(16 hours ago)
(wordpress) Failed wordpress login from 78.131.69.227 (HU/Hungary/78-131-69-227.pool.digikabel.hu)
Brute-Force
Anonymous
2026-07-16 15:46:11
(20 hours ago)
[redacted] 78.131.69.227 - - [16/Jul/2026:17:45:17 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 78.131.69.227 - - [16/Jul/2026:17:45:17 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.3)"
[redacted] 78.131.69.227 - - [16/Jul/2026:17:45:30 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)"
[redacted] 78.131.69.227 - - [16/Jul/2026:17:45:43 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 78.131.69.227 - - [16/Jul/2026:17:45:57 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 78.131.69.227 - - [16/Jul/2026:17:46:10 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.3; http://site62047845.com"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 15:16:25
(20 hours ago)
(mod_security) mod_security (id:240335) triggered by 78.131.69.227 (78-131-69-227.pool.digikabel.hu) ...
show more
(mod_security) mod_security (id:240335) triggered by 78.131.69.227 (78-131-69-227.pool.digikabel.hu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 11:16:21.550825 2026] [security2:error] [pid 26672:tid 26672] [client 78.131.69.227:61928] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 78.131.69.227 (+1 hits since last alert)|ftiptondds.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ftiptondds.com"] [uri "/xmlrpc.php"] [unique_id "alj1xQut303RTiWzwJgJcwAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-16 12:54:35
(22 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 07:07:58
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 78.131.69.227 (78-131-69-227.pool.digikabel.hu) ...
show more
(mod_security) mod_security (id:240335) triggered by 78.131.69.227 (78-131-69-227.pool.digikabel.hu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 03:07:53.520477 2026] [security2:error] [pid 11477:tid 11477] [client 78.131.69.227:50427] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 78.131.69.227 (+1 hits since last alert)|tigerpathteam.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tigerpathteam.org"] [uri "/xmlrpc.php"] [unique_id "aliDSU7Ghbb2c8Ug-0G22AAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack