๐ฉ๐ช
rh24
2026-07-16 23:24:55
(6 hours ago)
(xmlrpc_405) XMLRPC-Bot 405 45.160.153.213 (BR/Brazil/-)
Hacking
Anonymous
2026-07-16 14:05:10
(15 hours ago)
IP banned by Fail2Ban in jail nginx-abusive-ips
Web App Attack
Brute-Force
Bad Web Bot
๐ฉ๐ช
4server
2026-07-16 13:11:34
(16 hours ago)
[ThuJul1615:11:32.3043022026][security2:error][pid300326:tid300381][client45.160.153.213:0]ModSecuri ...
show more
[ThuJul1615:11:32.3043022026][security2:error][pid300326:tid300381][client45.160.153.213:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"modularss.com\"][uri\"/xmlrpc.php\"][unique_id\"aljYhJwe9s3rrn_1YLHpXAAAAZM\"]
show less
Port Scan
Brute-Force
Web App Attack
๐ฉ๐ช
HERA - Operations
2026-07-16 01:05:13
(1 day ago)
sensobox - searching for vulnerable scripts: xmlrpc.php 2026/07/16 03:05:13
Web App Attack
Anonymous
2026-07-15 23:12:49
(1 day ago)
(wordpress) Failed wordpress login from 45.160.153.213 (BR/Brazil/-)
Brute-Force
๐ฉ๐ช
Hary74656
2026-07-15 13:29:54
(1 day ago)
[Wed Jul 15 15:29:53.066175 2026] [authz_core:error] [pid 104736:tid 104834] [client 45.160.153.213: ...
show more
[Wed Jul 15 15:29:53.066175 2026] [authz_core:error] [pid 104736:tid 104834] [client 45.160.153.213:41906] AH01630: client denied by server configuration: /home/harald/www/aschi.at/xmlrpc.php
...
show less
Bad Web Bot
๐ณ๐ฑ
Site.eu
2026-07-13 23:13:35
(3 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
Anonymous
2026-07-13 18:15:15
(3 days ago)
IP banned by Fail2Ban in jail nginx-abusive-ips
Web App Attack
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-12 21:47:32
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 45.160.153.213 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 45.160.153.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 17:47:28.615839 2026] [security2:error] [pid 6707:tid 6707] [client 45.160.153.213:41325] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||budgetbyron.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "budgetbyron.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alQLcLQ7X8v4I_J48fS8MwAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 16:46:29
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 45.160.153.213 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 45.160.153.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 12:46:21.891049 2026] [security2:error] [pid 10694:tid 10718] [client 45.160.153.213:41402] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||vinylnotespodcast.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "vinylnotespodcast.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alPE3ZHjaK8CbiEpxajCugAAANU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ง๐ท
ICS Labs
2026-07-10 18:40:01
(6 days ago)
ICS Labs identified 45.160.153.213 as a malicious indicator from threat intelligence.
DDoS Attack
Port Scan
Hacking
Brute-Force
Exploited Host
๐บ๐ธ
TPI-Abuse
2026-07-10 18:35:49
(6 days ago)
(mod_security) mod_security (id:225170) triggered by 45.160.153.213 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 45.160.153.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 14:35:44.987492 2026] [security2:error] [pid 29728:tid 29728] [client 45.160.153.213:41977] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||wwfstudio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wwfstudio.com"] [uri "/wp-json/wp/v2/users"] [unique_id "alE7gIbdw0S0MY_OyhvZbAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
big-cloud.nl
2026-07-10 17:59:56
(6 days ago)
Try to access /xmlrpc.php
Web App Attack
๐จ๐ฆ
SoteriaCovenant
2026-07-10 16:22:39
(6 days ago)
Automated probe: /xmlrpc.php on Soteria Global infrastructure. No vulnerable software present.
Brute-Force
๐ฌ๐ง
seniorlinuxadmin
2026-07-10 15:44:33
(6 days ago)
45.160.153.213 - - [10/Jul/2026:16:44:31 +0100] "POST /xmlrpc.php HTTP/1.1" 404 158 "-" "Mozilla/5.0 ...
show more
45.160.153.213 - - [10/Jul/2026:16:44:31 +0100] "POST /xmlrpc.php HTTP/1.1" 404 158 "-" "Mozilla/5.0 (Windows NT 6.2; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/83.0.0.0 Safari/537.36"
show less
Port Scan
Web App Attack