๐ซ๐ท
tecnicorioja
2026-07-15 22:01:41
(2 hours ago)
POST /xmlrpc.php [15/Jul/2026:05:09:48
Web App Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-15 10:28:33
(14 hours ago)
(mod_security) mod_security (id:240335) triggered by 45.239.238.119 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 45.239.238.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 06:28:25.802704 2026] [security2:error] [pid 25975:tid 25975] [client 45.239.238.119:13348] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.239.238.119 (+1 hits since last alert)|enjoymycondos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "enjoymycondos.com"] [uri "/xmlrpc.php"] [unique_id "aldgye8jDX8O-J5z5luugQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
rh24
2026-07-15 03:41:23
(21 hours ago)
(xmlrpc_405) XMLRPC-Bot 405 45.239.238.119 (BR/Brazil/-)
Hacking
๐ณ๐ฑ
Site.eu
2026-07-15 03:11:38
(21 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ช๐ธ
masterguru
2026-07-14 20:29:17
(1 day ago)
(xmlrpc) Failed xmlrpc access from 45.239.238.119 (BR/Brazil/-): 5 in the last 3600 secs (0-122)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-14 18:25:21
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 45.239.238.119 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 45.239.238.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 14:25:13.561355 2026] [security2:error] [pid 4339:tid 4339] [client 45.239.238.119:12390] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.239.238.119 (+1 hits since last alert)|gaeltv.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gaeltv.com"] [uri "/xmlrpc.php"] [unique_id "alZ_CVUIDO5HXFNZQDF51wAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
konseptit
2026-07-14 11:37:20
(1 day ago)
(wordpress) Failed wordpress login from 45.239.238.119 (BR/Brazil/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-14 11:08:31
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 45.239.238.119 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 45.239.238.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 07:08:23.990281 2026] [security2:error] [pid 12856:tid 12856] [client 45.239.238.119:13300] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.239.238.119 (+1 hits since last alert)|ucommsi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ucommsi.com"] [uri "/xmlrpc.php"] [unique_id "alYYp0TWp2r5EvovL2R0hwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 10:39:33
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 45.239.238.119 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 45.239.238.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 06:39:25.709380 2026] [security2:error] [pid 7651:tid 7651] [client 45.239.238.119:12214] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.239.238.119 (+1 hits since last alert)|xcarsubscription.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "xcarsubscription.com"] [uri "/xmlrpc.php"] [unique_id "alYR3e1GXsRfm0Lq8cHnHwAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 10:10:46
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 45.239.238.119 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 45.239.238.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 06:10:42.822659 2026] [security2:error] [pid 28264:tid 28264] [client 45.239.238.119:13399] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.239.238.119 (+1 hits since last alert)|reelvisionboard.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "reelvisionboard.com"] [uri "/xmlrpc.php"] [unique_id "alYLIjGLpJUYsPSU6WT6_QAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-14 06:48:07
(1 day ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ฉ๐ช
LRob
2026-07-14 06:02:40
(1 day ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: /xmlrpc.php | UA: Jetpack/12.5; WordPress ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: /xmlrpc.php | UA: Jetpack/12.5; WordPress/6.1; http://site53367770.com
show less
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-07-14 06:02:10
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-07-14 04:31:55
(1 day ago)
[redacted] 45.239.238.119 - - [14/Jul/2026:06:31:12 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ...
show more
[redacted] 45.239.238.119 - - [14/Jul/2026:06:31:12 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.2; http://site60454402.com"
[redacted] 45.239.238.119 - - [14/Jul/2026:06:31:23 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)"
[redacted] 45.239.238.119 - - [14/Jul/2026:06:31:33 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 45.239.238.119 - - [14/Jul/2026:06:31:44 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 45.239.238.119 - - [14/Jul/2026:06:31:54 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
...
show less
Hacking
Web App Attack
๐ณ๐ฑ
maxxsense
2026-07-13 20:58:45
(2 days ago)
(wordpress) Failed wordpress login from 45.239.238.119 (BR/Brazil/-)
Brute-Force