Anonymous
2026-07-16 21:01:25
(9 hours ago)
129.45.64.52 - - [16/Jul/2026:23:00:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 767 "-" "Jetpack by Wo ...
show more
129.45.64.52 - - [16/Jul/2026:23:00:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 767 "-" "Jetpack by WordPress.com"
129.45.64.52 - - [16/Jul/2026:23:00:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 767 "-" "Jetpack/12.1; WordPress/6.1; http://site53180501.com"
129.45.64.52 - - [16/Jul/2026:23:01:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 767 "-" "Jetpack by WordPress.com"
129.45.64.52 - - [16/Jul/2026:23:01:14 +0200] "POST /xmlrpc.php HTTP/1.1" 200 767 "-" "Jetpack/12.5; WordPress/6.4; http://site29649196.com"
129.45.64.52 - - [16/Jul/2026:23:01:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 767 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)"
...
show less
Brute-Force
Web App Attack
๐ฉ๐ช
LRob
2026-07-16 15:42:34
(14 hours ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: /xmlrpc.php | UA: Jetpack by WordPress.co ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: /xmlrpc.php | UA: Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)
show less
Brute-Force
Web App Attack
๐ฎ๐น
CoreTech srl
2026-07-16 15:18:56
(15 hours ago)
cloudlinux2 fail2ban: 2026-07-16 17:13:52,067 fail2ban.filter [1812]: INFO [plesk-modsecu ...
show more
cloudlinux2 fail2ban: 2026-07-16 17:13:52,067 fail2ban.filter [1812]: INFO [plesk-modsecurity] Found 129.45.64.52 - 2026-07-16 17:13:52cloudlinux2 fail2ban: 2026-07-16 17:13:47,046 fail2ban.filter [1812]: INFO [plesk-modsecurity] Found 27.131.209.186 - 2026-07-16 17:13:47cloudlinux2 fail2ban: 2026-07-16 17:14:30,294 fail2ban.actions [1812]: NOTICE [plesk-wordpress] Unban 193.37.33.176cloudlinux2 fail2ban: 2026-07-16 17:14:52,212 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 173.239.240.222 - 2026-07-16 17:14:51cloudlinux2 fail2ban: 2026-07-16 17:15:01,736 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 193.37.33.25 - 2026-07-16 17:15:00cloudlinux2 fail2ban: 2026-07-16 17:14:56,023 fail2ban.filter [1812]: INFO [plesk-modsecurity] Found 129.45.64.52 - 2026-07-16 17:14:56cloudlinux2 fail2ban: 2026-07-16 17:14:55,526 fail2ban.filter [1812]: INFO [plesk-wordpress] Found 45.131.195.159 - 2026-07-16 17:14:55cloudlinux2 fail2ban: 20
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 11:39:44
(18 hours ago)
(mod_security) mod_security (id:240335) triggered by 129.45.64.52 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 129.45.64.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 07:39:36.410475 2026] [security2:error] [pid 18120:tid 18120] [client 129.45.64.52:2233] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 129.45.64.52 (+1 hits since last alert)|citrineartstudio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "citrineartstudio.com"] [uri "/xmlrpc.php"] [unique_id "aljC-GFwZ4siKMIGj0_PfgAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 09:12:16
(21 hours ago)
(mod_security) mod_security (id:240335) triggered by 129.45.64.52 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 129.45.64.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 05:12:07.916752 2026] [security2:error] [pid 28832:tid 28929] [client 129.45.64.52:49733] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 129.45.64.52 (+1 hits since last alert)|guitarprimer.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "guitarprimer.com"] [uri "/xmlrpc.php"] [unique_id "aligZ_i9SPNS36q_x7moFgAAAU8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 07:47:25
(22 hours ago)
[ssd5.kdns.gr] httpd-xmlrpc-post: sites=www.parthenios.org; logs=/var/log/httpd/domains/parthenios.o ...
show more
[ssd5.kdns.gr] httpd-xmlrpc-post: sites=www.parthenios.org; logs=/var/log/httpd/domains/parthenios.org.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 07:22:20
(23 hours ago)
(mod_security) mod_security (id:240335) triggered by 129.45.64.52 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 129.45.64.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 03:22:12.351172 2026] [security2:error] [pid 12135:tid 12135] [client 129.45.64.52:60534] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 129.45.64.52 (+1 hits since last alert)|nidusmbt.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nidusmbt.com"] [uri "/xmlrpc.php"] [unique_id "aliGpFz53puDH0tAGgqLHwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 22:22:07
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 129.45.64.52 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 129.45.64.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 18:22:00.156005 2026] [security2:error] [pid 23167:tid 23167] [client 129.45.64.52:12114] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 129.45.64.52 (+1 hits since last alert)|celebritybikinigossip.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "celebritybikinigossip.com"] [uri "/xmlrpc.php"] [unique_id "algICLxTo7fzAyiPG3xlbAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
IndigoRidge
2026-07-15 22:11:08
(1 day ago)
129.45.64.52 - - [15/Jul/2026:18:10:13 -0400] "POST /xmlrpc.php HTTP/1.1" 403 5049 "-" "WordPress.co ...
show more
129.45.64.52 - - [15/Jul/2026:18:10:13 -0400] "POST /xmlrpc.php HTTP/1.1" 403 5049 "-" "WordPress.com; https://wordpress.com"
129.45.64.52 - - [15/Jul/2026:18:10:24 -0400] "POST /xmlrpc.php HTTP/1.1" 403 5049 "-" "WordPress.com; https://wordpress.com"
129.45.64.52 - - [15/Jul/2026:18:10:34 -0400] "POST /xmlrpc.php HTTP/1.1" 403 5049 "-" "WordPress.com; https://wordpress.com"
129.45.64.52 - - [15/Jul/2026:18:10:55 -0400] "POST /xmlrpc.php HTTP/1.1" 403 5049 "-" "WordPress.com; https://wordpress.com"
129.45.64.52 - - [15/Jul/2026:18:11:06 -0400] "POST /xmlrpc.php HTTP/1.1" 403 5049 "-" "WordPress.com; https://wordpress.com"
...
show less
Web App Attack