๐ซ๐ท
dynamix
2026-07-16 15:45:09
(8 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-07-16 13:31:09
(11 hours ago)
[redacted] 45.112.71.84 - - [16/Jul/2026:15:30:28 +0200] "POST /xmlrpc.php HTTP/1.1" 403 6686 "-" "J ...
show more
[redacted] 45.112.71.84 - - [16/Jul/2026:15:30:28 +0200] "POST /xmlrpc.php HTTP/1.1" 403 6686 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)"
[redacted] 45.112.71.84 - - [16/Jul/2026:15:30:35 +0200] "POST /xmlrpc.php HTTP/1.1" 403 6686 "-" "Jetpack/12.1; WordPress/6.4; http://site65008415.com"
[redacted] 45.112.71.84 - - [16/Jul/2026:15:30:47 +0200] "POST /xmlrpc.php HTTP/1.1" 403 6642 "-" "WordPress.com; https://wordpress.com"
[redacted] 45.112.71.84 - - [16/Jul/2026:15:30:57 +0200] "POST /xmlrpc.php HTTP/1.1" 403 6642 "-" "WordPress.com; https://wordpress.com"
[redacted] 45.112.71.84 - - [16/Jul/2026:15:31:08 +0200] "POST /xmlrpc.php HTTP/1.1" 403 6642 "-" "WordPress.com; https://wordpress.com"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 13:02:49
(11 hours ago)
(mod_security) mod_security (id:240335) triggered by 45.112.71.84 (node-45-112-71-84.alliancebroadba ...
show more
(mod_security) mod_security (id:240335) triggered by 45.112.71.84 (node-45-112-71-84.alliancebroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 09:02:40.428356 2026] [security2:error] [pid 19668:tid 19668] [client 45.112.71.84:58496] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.112.71.84 (+1 hits since last alert)|bonesband.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bonesband.com"] [uri "/xmlrpc.php"] [unique_id "aljWcIPho8J2sns5umqKFAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TAY
2026-07-16 13:01:13
(11 hours ago)
45.112.71.84 - - [16/Jul/2026:20:59:42 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5941 "-" "Jetpack/13.0 ...
show more
45.112.71.84 - - [16/Jul/2026:20:59:42 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5941 "-" "Jetpack/13.0; WordPress/6.1; http://site61362235.com"
45.112.71.84 - - [16/Jul/2026:21:01:05 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5316 "-" "WordPress.com; https://wordpress.com"
45.112.71.84 - - [16/Jul/2026:21:00:12 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5316 "-" "Jetpack/12.1; WordPress/6.2; http://site41291686.com"
...
show less
Brute-Force
Anonymous
2026-07-16 11:17:50
(13 hours ago)
Bad Web Bot
Web App Attack
๐ฌ๐ง
consul.to
2026-07-16 04:37:09
(20 hours ago)
Web attack/malicious scanning detected
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-15 12:50:48
(1 day ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-15 12:47:29
(1 day ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 10:06:03
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 45.112.71.84 (node-45-112-71-84.alliancebroadba ...
show more
(mod_security) mod_security (id:240335) triggered by 45.112.71.84 (node-45-112-71-84.alliancebroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 06:05:56.485961 2026] [security2:error] [pid 27511:tid 27511] [client 45.112.71.84:63985] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.112.71.84 (+1 hits since last alert)|starsmogsandiego.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "starsmogsandiego.com"] [uri "/xmlrpc.php"] [unique_id "aldbhGVzbQebo3KE3e7j0QAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 16:30:09
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 45.112.71.84 (node-45-112-71-84.alliancebroadba ...
show more
(mod_security) mod_security (id:240335) triggered by 45.112.71.84 (node-45-112-71-84.alliancebroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 12:30:03.201899 2026] [security2:error] [pid 13874:tid 13897] [client 45.112.71.84:57048] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.112.71.84 (+1 hits since last alert)|eceinal.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eceinal.com"] [uri "/xmlrpc.php"] [unique_id "alZkC7trCZEdIpzzFp1CSwAAANQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 14:26:32
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 45.112.71.84 (node-45-112-71-84.alliancebroadba ...
show more
(mod_security) mod_security (id:240335) triggered by 45.112.71.84 (node-45-112-71-84.alliancebroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 10:26:24.670851 2026] [security2:error] [pid 8321:tid 8321] [client 45.112.71.84:54583] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.112.71.84 (+1 hits since last alert)|bergenoaks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bergenoaks.com"] [uri "/xmlrpc.php"] [unique_id "alZHEAjS-If4vp_Aa7A9RAAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
dbmwebdesign
2026-07-14 13:25:18
(2 days ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
๐ซ๐ฎ
YF
2026-07-14 07:30:52
(2 days ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐ฉ๐ช
Marc
2026-07-14 07:05:54
(2 days ago)
45.112.71.84 - - [14/Jul/2026:09:05:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3404 "-" "Jetpack by W ...
show more
45.112.71.84 - - [14/Jul/2026:09:05:32 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3404 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)" 45.112.71.84 - - [14/Jul/2026:09:05:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3404 "-" "Jetpack/12.5; WordPress/6.4; http://site28806824.com" 45.112.71.84 - - [14/Jul/2026:09:05:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3403 "-" "Jetpack by WordPress.com"
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 07:06:40
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 45.112.71.84 (node-45-112-71-84.alliancebroadba ...
show more
(mod_security) mod_security (id:240335) triggered by 45.112.71.84 (node-45-112-71-84.alliancebroadband.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 03:06:31.526868 2026] [security2:error] [pid 26802:tid 26802] [client 45.112.71.84:61844] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.112.71.84 (+1 hits since last alert)|johncyphers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "johncyphers.com"] [uri "/xmlrpc.php"] [unique_id "alSOd4IIOyW2gQAA64a3DgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack