|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 45.123.14.117 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.123.14.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 12:39:10.296699 2026] [security2:error] [pid 32663:tid 32687] [client 45.123.14.117:12404] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.123.14.117 (+1 hits since last alert)|tkfay.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tkfay.com"] [uri "/xmlrpc.php"] [unique_id "aj_8rsynjXrcp4oxH3dS3QAAANU"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 45.123.14.117 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.123.14.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 06:02:48.308048 2026] [security2:error] [pid 31630:tid 31630] [client 45.123.14.117:12202] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.123.14.117 (+1 hits since last alert)|technesa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "technesa.com"] [uri "/xmlrpc.php"] [unique_id "aj-fyDMOs42pRLK8fLrBDgAAABs"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ซ๐ท
masterguru
|
|
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
|
Hacking
|
|
|
๐ฆ๐บ
screwlooseit.com.au
|
|
Blocked by CSF 13 firewall - Rule: XMLRPC
IN/India/-
|
Web App Attack
|
|
|
Anonymous
|
|
Attac
|
Brute-Force
|
|
|
๐บ๐ธ
integrantservices.com
|
|
(wordpress) Failed wordpress login from 45.123.14.117 (IN/India/-)
|
Brute-Force
|
|
|
๐ฉ๐ช
akasolutions.de
|
|
(wordpress) Failed wordpress login from 45.123.14.117 (IN/India/-)
|
Brute-Force
|
|
|
๐ซ๐ท
dynamix
|
|
WordPress XMLRPC Brute Force Attack
|
Brute-Force
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 45.123.14.117 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.123.14.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 04:53:11.801289 2026] [security2:error] [pid 28430:tid 28430] [client 45.123.14.117:36727] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.123.14.117 (+1 hits since last alert)|thepercussionworks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thepercussionworks.com"] [uri "/xmlrpc.php"] [unique_id "aj4993b9Re7Bfgs7mNknWwAAAAU"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ฒ๐น
Malta
|
|
45.123.14.117 - - [26/Jun/2026:10:47:37 +0200] "POST /xmlrpc.php HTTP/1.1" "Jetpack/12.5; WordPress/ ...
show more
45.123.14.117 - - [26/Jun/2026:10:47:37 +0200] "POST /xmlrpc.php HTTP/1.1" "Jetpack/12.5; WordPress/6.4; http://site95454208.com"
show less
|
Hacking
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 45.123.14.117 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.123.14.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 02:21:10.530073 2026] [security2:error] [pid 7637:tid 7637] [client 45.123.14.117:12478] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.123.14.117 (+1 hits since last alert)|enriquejezik.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "enriquejezik.com"] [uri "/xmlrpc.php"] [unique_id "aj4aVjoc9C0QDxvhvzuQOgAAAAk"]
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
[redacted] 45.123.14.117 - - [25/Jun/2026:18:35:23 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "W ...
show more
[redacted] 45.123.14.117 - - [25/Jun/2026:18:35:23 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 45.123.14.117 - - [25/Jun/2026:18:35:34 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.4)"
[redacted] 45.123.14.117 - - [25/Jun/2026:18:35:44 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 45.123.14.117 - - [25/Jun/2026:18:35:55 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)"
[redacted] 45.123.14.117 - - [25/Jun/2026:18:36:06 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)"
...
show less
|
Hacking
Web App Attack
|
|
|
Anonymous
|
|
Trying to access config files
|
Web App Attack
|
|
|
Anonymous
|
|
[redacted] 45.123.14.117 - - [25/Jun/2026:11:52:42 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 45.123.14.117 - - [25/Jun/2026:11:52:42 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 45.123.14.117 - - [25/Jun/2026:11:52:52 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.4; http://site38093713.com"
[redacted] 45.123.14.117 - - [25/Jun/2026:11:53:03 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.2; http://site18738978.com"
[redacted] 45.123.14.117 - - [25/Jun/2026:11:53:14 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)"
[redacted] 45.123.14.117 - - [25/Jun/2026:11:53:25 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
...
show less
|
Hacking
Web App Attack
|
|
|
๐บ๐ธ
WeekendWeb
|
|
Wordpress Vunerability attack
|
Web App Attack
|
|