๐บ๐ธ
TPI-Abuse
2026-07-14 11:56:45
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 45.250.252.165 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 45.250.252.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 07:56:41.035344 2026] [security2:error] [pid 9971:tid 9971] [client 45.250.252.165:64088] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.250.252.165 (+1 hits since last alert)|thesalonx.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thesalonx.com"] [uri "/xmlrpc.php"] [unique_id "alYj-Tl0CtG9KRfP4ORgPgAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 22:18:41
(4 weeks ago)
(mod_security) mod_security (id:240335) triggered by 45.250.252.165 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 45.250.252.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 18:18:24.544217 2026] [security2:error] [pid 6617:tid 6617] [client 45.250.252.165:64465] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.250.252.165 (+1 hits since last alert)|thesalonx.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thesalonx.com"] [uri "/xmlrpc.php"] [unique_id "ajRusBbHJBjdsPL7JvCogwAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-31 05:28:18
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 45.250.252.165 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 45.250.252.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 31 01:28:03.193696 2026] [security2:error] [pid 14780:tid 14780] [client 45.250.252.165:60833] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.250.252.165 (+1 hits since last alert)|odysseydogasporlari.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "odysseydogasporlari.com"] [uri "/xmlrpc.php"] [unique_id "ahvG4w11IzUizErCAmWzfgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-25 21:14:35
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 45.250.252.165 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 45.250.252.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 17:14:21.700340 2026] [security2:error] [pid 14259:tid 14259] [client 45.250.252.165:55066] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.250.252.165 (+1 hits since last alert)|thesalonx.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thesalonx.com"] [uri "/xmlrpc.php"] [unique_id "ahS7rZXF7AN7SY4oW_KY3AAAACU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
sshtmp
2026-05-25 21:06:33
(1 month ago)
[AbuseIPDB auto-report]
Attack: WordPress XML-RPC brute-force
Hits: 2 | First: 2026-05-25T23:06:29+0 ...
show more
[AbuseIPDB auto-report]
Attack: WordPress XML-RPC brute-force
Hits: 2 | First: 2026-05-25T23:06:29+02:00 | Last: 2026-05-25T23:06:33+02:00
Samples: POST /xmlrpc.php [503]
show less
Brute-Force
Web App Attack
๐ฎ๐น
[email protected]
2026-04-16 16:56:29
(3 months ago)
45.250.252.165 - - [16/Apr/2026:18:16:43 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3762 "-" "Mozilla/5. ...
show more
45.250.252.165 - - [16/Apr/2026:18:16:43 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3762 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
45.250.252.165 - - [16/Apr/2026:18:36:58 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3762 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
45.250.252.165 - - [16/Apr/2026:18:37:02 +0200] "POST /xmlrpc.php HTTP/1.1" 403 841 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
...
show less
Brute-Force
Web App Attack
๐ฉ๐ช
abdubhai
2026-04-16 16:50:07
(3 months ago)
45.250.252.165 - - [16/Apr/2026:
...
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-02-20 18:11:08
(4 months ago)
(mod_security) mod_security (id:240335) triggered by 45.250.252.165 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 45.250.252.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 13:10:50.526848 2026] [security2:error] [pid 8935:tid 8935] [client 45.250.252.165:50109] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.250.252.165 (+1 hits since last alert)|www.goddesskink.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.goddesskink.com"] [uri "/new/xmlrpc.php"] [unique_id "aZijqm8eXxC9ct0GP_jf4QAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
threatintelligence_bvc
2026-01-05 17:12:11
(6 months ago)
Brute-Force
๐บ๐ธ
agenciahypelab.com.br
2025-09-22 04:53:32
(9 months ago)
WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER
Brute-Force
SSH
Anonymous
2025-09-22 04:40:37
(9 months ago)
(smtpauth) Failed SMTP AUTH login from 45.250.252.165 (CL/Chile/Santiago Metropolitan/-/-/[redacted] ...
show more
(smtpauth) Failed SMTP AUTH login from 45.250.252.165 (CL/Chile/Santiago Metropolitan/-/-/[redacted])
show less
Brute-Force
๐จ๐ฟ
lp
2025-09-22 01:54:01
(9 months ago)
Email account brute force: 4 attempts were recorded from 45.250.252.165
2025-09-22T02:13:12+02:00 wa ...
show more
Email account brute force: 4 attempts were recorded from 45.250.252.165
2025-09-22T02:13:12+02:00 warning: unknown[45.250.252.165]: SASL PLAIN authentication failed: authentication failure, [email protected]
2025-09-22T02:13:12+02:00 warning: unknown[45.250.252.165]: SASL LOGIN authentication failed: authentication failure, [email protected]
2025-09-22T02:13:18+02:00 warning: unknown[45.250.252.165]: SASL PLAIN authentication failed: authentication failure, [email protected]
2025-09-22T02:13:19+02:00 warning: unknown[45.250.252.165]: SASL LOGIN authentication failed: authentication failure, [email protected]
show less
Brute-Force
Anonymous
2025-09-22 01:25:34
(9 months ago)
(smtpauth) Failed SMTP AUTH login from 45.250.252.165 (CL/Chile/-)
Brute-Force
๐ฉ๐ช
Roper123
2025-02-20 10:01:05
(1 year ago)
Postfix RBL
Email Spam
Anonymous
2025-02-20 07:09:43
(1 year ago)
postfix
Email Spam
Web App Attack