๐ฎ๐น
Inartis
2026-07-16 13:49:57
(10 hours ago)
78.40.181.78 - - [16/Jul/2026:15:49:56 +0200] "POST /xmlrpc.php HTTP/1.1" 403 4979 "-" "Mozilla/5.0 ...
show more
78.40.181.78 - - [16/Jul/2026:15:49:56 +0200] "POST /xmlrpc.php HTTP/1.1" 403 4979 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x64) AppleWebKit/537.36 (KHTML, like Gecko) Opera/66.0.0.0 Safari/537.36"
...
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 01:11:06
(23 hours ago)
(mod_security) mod_security (id:225170) triggered by 78.40.181.78 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 78.40.181.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 21:10:59.377279 2026] [security2:error] [pid 3300983:tid 3300983] [client 78.40.181.78:7383] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||fatcavestudios.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fatcavestudios.com"] [uri "/wp-json/wp/v2/users"] [unique_id "algvoyLQXbyO0CERk3eeSQAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
mnsf
2026-07-13 10:05:10
(3 days ago)
Xmlrpc Caught (7)
Brute-Force
Web App Attack
๐ฌ๐ง
Oakley
2026-06-30 02:08:28
(2 weeks ago)
(confirmed_bot_sig) Confirmed bot
Hacking
๐บ๐ธ
kosada.com
2026-06-29 07:13:39
(2 weeks ago)
Web bot: denial-of-service flood
DDoS Attack
Bad Web Bot
Anonymous
2026-06-10 08:14:23
(1 month ago)
78.40.181.78 - - [10/Jun/2026:10:08:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Mozilla/5.0 ( ...
show more
78.40.181.78 - - [10/Jun/2026:10:08:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.0.0 Safari/537.36"
78.40.181.78 - - [10/Jun/2026:10:08:46 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.0.0 Safari/537.36"
78.40.181.78 - - [10/Jun/2026:10:13:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/99.0.0.0 Safari/537.36"
78.40.181.78 - - [10/Jun/2026:10:13:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/99.0.0.0 Safari/537.36"
78.40.181.78 - - [10/Jun/2026:10:14:22 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; x86) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.
...
show less
Brute-Force
Web App Attack
๐ฉ๐ช
filstal.org
2026-06-06 10:57:55
(1 month ago)
Automated bot: spoofed/impossible user-agent, web scraping or automated request patterns detected. U ...
show more
Automated bot: spoofed/impossible user-agent, web scraping or automated request patterns detected. UA: Mozilla/5.0 (compatible; MSIE 9.0; Windows 98; Trident/5.0)
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
WellSpring
2026-05-04 15:42:52
(2 months ago)
xmlrpc exploit on 510.today/xmlrpc.php โ WellSpr.ing/NetSentinel civic-AI security layer
Brute-Force
Web App Attack
๐ฎ๐ฉ
Burayot
2026-05-04 15:19:32
(2 months ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 78.40.181.78 (LB/Lebanon/-): 1 in t ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 78.40.181.78 (LB/Lebanon/-): 1 in the last 3600 secs
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-01 17:18:03
(2 months ago)
(mod_security) mod_security (id:225170) triggered by 78.40.181.78 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 78.40.181.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 01 13:17:58.742453 2026] [security2:error] [pid 25122:tid 25248] [client 78.40.181.78:63588] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||wnsi.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wnsi.org"] [uri "/wp-json/wp/v2/users"] [unique_id "afTgRi8K38TLW8eYFushsQAAAk4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ญ
backslash
2026-02-07 10:40:18
(5 months ago)
block ruleset 6B63410D189E6343B910F7440B8499558BEC52EB
Bad Web Bot
๐ช๐ธ
el-brujo
2025-12-18 19:15:00
(6 months ago)
DDoS Attack Layer 7 Meri Botnet
DDoS Attack