๐ณ๐ฑ
Site.eu
2026-07-14 08:59:23
(14 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฉ๐ช
ghostwarriors
2026-07-14 08:20:32
(14 hours ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 08:08:21
(15 hours ago)
(mod_security) mod_security (id:240335) triggered by 45.123.221.41 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.123.221.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 04:08:18.031556 2026] [security2:error] [pid 31610:tid 31610] [client 45.123.221.41:65102] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.123.221.41 (+1 hits since last alert)|d-sinema.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "d-sinema.com"] [uri "/xmlrpc.php"] [unique_id "alXuciDPUXsoTTF7cUzL0wAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-14 08:04:15
(15 hours ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-14 04:56:56
(18 hours ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
NP/Nepal/-
Web App Attack
๐ซ๐ท
dynamix
2026-07-14 03:55:55
(19 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฌ๐ท
setupgr
2026-07-13 00:59:53
(1 day ago)
(XMLRPC) WP XMLRPC Attack 45.123.221.41 (NP/Nepal/Bagmati Province/Kathmandu (Koteshwor)/-/[AS55915 ...
show more
(XMLRPC) WP XMLRPC Attack 45.123.221.41 (NP/Nepal/Bagmati Province/Kathmandu (Koteshwor)/-/[AS55915 CLASSIC-NP Classic Tech Pvt. Ltd.]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 45.123.221.41 - - [13/Jul/2026:03:57:06 +0300] "POST /xmlrpc.php HTTP/1.1" 503 18932 "-" "Jetpack by WordPress.com"
show less
Port Scan
Anonymous
2026-07-12 02:43:30
(2 days ago)
Fail2Ban WordPress login brute-force detected
Brute-Force
Web App Attack
๐ฉ๐ช
konseptit
2026-07-12 02:43:22
(2 days ago)
(wordpress) Failed wordpress login from 45.123.221.41 (NP/Nepal/-)
Brute-Force
๐ซ๐ท
dynamix
2026-07-11 09:29:17
(3 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-07-10 02:46:36
(4 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-07-10 02:19:49
(4 days ago)
[osotir.org] httpd-xmlrpc-post: sites=www.drasimas.gr; logs=/var/log/httpd/domains/drasimas.gr.log; ...
show more
[osotir.org] httpd-xmlrpc-post: sites=www.drasimas.gr; logs=/var/log/httpd/domains/drasimas.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 02:17:25
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 45.123.221.41 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.123.221.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 22:17:17.703138 2026] [security2:error] [pid 8707:tid 8707] [client 45.123.221.41:6520] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.123.221.41 (+1 hits since last alert)|edgebiopharma.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "edgebiopharma.com"] [uri "/xmlrpc.php"] [unique_id "alBWLbCs9ogndlNV58H5YgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 16:58:46
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 45.123.221.41 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.123.221.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 12:58:43.003631 2026] [security2:error] [pid 15369:tid 15387] [client 45.123.221.41:26333] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.123.221.41 (+1 hits since last alert)|giere.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "giere.us"] [uri "/xmlrpc.php"] [unique_id "ak_TQqTo-42LyRjBNxdXegAAAE4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 14:24:29
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 45.123.221.41 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.123.221.41 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 10:24:23.204577 2026] [security2:error] [pid 24685:tid 24685] [client 45.123.221.41:9809] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.123.221.41 (+1 hits since last alert)|pharmaceuticalsalescareerhub.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pharmaceuticalsalescareerhub.com"] [uri "/xmlrpc.php"] [unique_id "ak-vFzoKjWAfSardRZRJWwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack