πΊπΈ
TPI-Abuse
2026-07-11 17:24:53
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 45.241.77.213 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.241.77.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 13:24:49.524909 2026] [security2:error] [pid 18952:tid 18952] [client 45.241.77.213:55397] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.241.77.213 (+1 hits since last alert)|gasoilliquidsdaily.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gasoilliquidsdaily.com"] [uri "/xmlrpc.php"] [unique_id "alJ8YeBZ_vVyhHQfeCzAbwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-11 11:36:38
(2 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-11 08:57:37
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 45.241.77.213 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.241.77.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 11 04:57:30.141992 2026] [security2:error] [pid 27373:tid 27373] [client 45.241.77.213:52732] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.241.77.213 (+1 hits since last alert)|bostonmarathonstories.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bostonmarathonstories.com"] [uri "/xmlrpc.php"] [unique_id "alIFet3fHFAIiNzXpMDIUgAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
integrantservices.com
2026-07-10 19:15:44
(3 days ago)
(wordpress) Failed wordpress login from 45.241.77.213 (EG/Egypt/-)
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-09 15:44:23
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 45.241.77.213 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.241.77.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 11:44:16.434453 2026] [security2:error] [pid 20002:tid 20002] [client 45.241.77.213:56502] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.241.77.213 (+1 hits since last alert)|eta-mct.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eta-mct.com"] [uri "/xmlrpc.php"] [unique_id "ak_B0N6zkOEExPLXDkhJpAAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
IloGus
2026-07-08 17:30:32
(5 days ago)
WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail
Web App Attack
πΊπΈ
TAY
2026-07-08 17:15:14
(5 days ago)
45.241.77.213 - - [09/Jul/2026:01:14:53 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5941 "-" "Jetpack by ...
show more
45.241.77.213 - - [09/Jul/2026:01:14:53 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5941 "-" "Jetpack by WordPress.com"
45.241.77.213 - - [09/Jul/2026:01:15:03 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5941 "-" "WordPress.com; https://wordpress.com"
45.241.77.213 - - [09/Jul/2026:01:15:14 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5941 "-" "WordPress.com; https://wordpress.com"
...
show less
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-08 11:11:11
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 45.241.77.213 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.241.77.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 07:11:02.823907 2026] [security2:error] [pid 17600:tid 17600] [client 45.241.77.213:54536] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.241.77.213 (+1 hits since last alert)|bonesband.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bonesband.com"] [uri "/xmlrpc.php"] [unique_id "ak4wRnf_6GciH3T6p4LxYQAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
Kenshin869
2026-07-07 17:30:40
(6 days ago)
Wordpress unauthorized access attempt
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-07 10:15:57
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 45.241.77.213 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.241.77.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 06:15:51.754313 2026] [security2:error] [pid 16205:tid 16205] [client 45.241.77.213:55854] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.241.77.213 (+1 hits since last alert)|amywoodruff.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "amywoodruff.com"] [uri "/xmlrpc.php"] [unique_id "akzR1yPuhQxw7Mc3SgY0jwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-07 09:41:52
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 45.241.77.213 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.241.77.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 05:41:46.912947 2026] [security2:error] [pid 14346:tid 14346] [client 45.241.77.213:54220] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.241.77.213 (+1 hits since last alert)|theyoungstrategist.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theyoungstrategist.com"] [uri "/xmlrpc.php"] [unique_id "akzJ2nj7owFG8FZ_5ujL6wAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πͺπΈ
masterguru
2026-07-04 09:26:28
(1 week ago)
(xmlrpc) Failed xmlrpc access from 45.241.77.213 (EG/Egypt/-): 5 in the last 3600 secs (0-122)
Hacking
πΊπΈ
TPI-Abuse
2026-07-04 07:41:00
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 45.241.77.213 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 45.241.77.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 03:40:53.278459 2026] [security2:error] [pid 26176:tid 26176] [client 45.241.77.213:54716] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.241.77.213 (+1 hits since last alert)|jacquelineperriam.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jacquelineperriam.com"] [uri "/xmlrpc.php"] [unique_id "aki5BSdWd9qPXWiJpRx6cgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack