๐ฉ๐ช
rh24
2026-06-30 17:04:28
(2 days ago)
(wordpress) Failed wordpress login from 45.251.234.94 (IN/India/45-251-234-94.bb.sswl.in): (CF_ENAB ...
show more
(wordpress) Failed wordpress login from 45.251.234.94 (IN/India/45-251-234-94.bb.sswl.in): (CF_ENABLE)
show less
Brute-Force
Anonymous
2026-06-30 17:04:04
(2 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 17:58:42
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 45.251.234.94 (45-251-234-94.bb.sswl.in): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 45.251.234.94 (45-251-234-94.bb.sswl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 13:58:35.871953 2026] [security2:error] [pid 31902:tid 31902] [client 45.251.234.94:65256] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.251.234.94 (+1 hits since last alert)|eatcakecup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eatcakecup.com"] [uri "/xmlrpc.php"] [unique_id "akFgy3Gq-uhDFo91X_M9MwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-06-28 15:54:04
(4 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
IN/India/45-251-234-94.bb.sswl.in
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 11:43:05
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 45.251.234.94 (45-251-234-94.bb.sswl.in): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 45.251.234.94 (45-251-234-94.bb.sswl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 07:43:01.335986 2026] [security2:error] [pid 5724:tid 5859] [client 45.251.234.94:52894] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.251.234.94 (+1 hits since last alert)|executiveaccounting.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "executiveaccounting.net"] [uri "/xmlrpc.php"] [unique_id "akEIxWjf3rWlQs0OSN0FyQAAApU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-28 11:40:24
(4 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 09:31:15
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 45.251.234.94 (45-251-234-94.bb.sswl.in): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 45.251.234.94 (45-251-234-94.bb.sswl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 05:31:07.015182 2026] [security2:error] [pid 24297:tid 24297] [client 45.251.234.94:57426] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.251.234.94 (+1 hits since last alert)|concentricsteel.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "concentricsteel.com"] [uri "/xmlrpc.php"] [unique_id "akDp2z9oVdycZfty1wQaRQAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-06-27 19:47:15
(5 days ago)
(xmlrpc) Failed xmlrpc access from 45.251.234.94 (IN/India/45-251-234-94.bb.sswl.in): 5 in the last ...
show more
(xmlrpc) Failed xmlrpc access from 45.251.234.94 (IN/India/45-251-234-94.bb.sswl.in): 5 in the last 3600 secs (0-122)
show less
Hacking
๐บ๐ธ
Jason Howell
2026-06-27 19:42:03
(5 days ago)
45.251.234.94 - - [27/Jun/2026:14:11:30 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4746 "-" "WordPress.c ...
show more
45.251.234.94 - - [27/Jun/2026:14:11:30 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4746 "-" "WordPress.com; https://wordpress.com"
45.251.234.94 - - [27/Jun/2026:14:18:21 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4747 "-" "WordPress.com; https://wordpress.com"
45.251.234.94 - - [27/Jun/2026:14:20:26 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4748 "-" "Jetpack/13.0; WordPress/6.4; http://site20560057.com"
45.251.234.94 - - [27/Jun/2026:14:39:56 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4747 "-" "WordPress.com; https://wordpress.com"
45.251.234.94 - - [27/Jun/2026:14:42:03 -0500] "POST /xmlrpc.php HTTP/1.1" 200 4747 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-27 07:50:07
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 45.251.234.94 (45-251-234-94.bb.sswl.in): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 45.251.234.94 (45-251-234-94.bb.sswl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 27 03:50:00.642370 2026] [security2:error] [pid 22208:tid 22208] [client 45.251.234.94:57431] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.251.234.94 (+1 hits since last alert)|hotelausland.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hotelausland.com"] [uri "/xmlrpc.php"] [unique_id "aj-AqBuxJKd5qg-Tem9SsQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-06-27 06:16:34
(5 days ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
Anonymous
2026-06-24 18:20:21
(1 week ago)
[ns31.kdns.gr] httpd-xmlrpc-post: sites=galani.com.gr; logs=/var/log/httpd/domains/galani.com.gr.log ...
show more
[ns31.kdns.gr] httpd-xmlrpc-post: sites=galani.com.gr; logs=/var/log/httpd/domains/galani.com.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 17:17:50
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 45.251.234.94 (45-251-234-94.bb.sswl.in): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 45.251.234.94 (45-251-234-94.bb.sswl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 13:17:47.210534 2026] [security2:error] [pid 22024:tid 22024] [client 45.251.234.94:54585] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.251.234.94 (+1 hits since last alert)|vanmeer.info|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "vanmeer.info"] [uri "/xmlrpc.php"] [unique_id "ajwROzCoJNMG8Sws1593RAAAAB4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 16:46:48
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 45.251.234.94 (45-251-234-94.bb.sswl.in): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 45.251.234.94 (45-251-234-94.bb.sswl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 12:46:44.322291 2026] [security2:error] [pid 7632:tid 7632] [client 45.251.234.94:58724] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.251.234.94 (+1 hits since last alert)|dvdmasters.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dvdmasters.com"] [uri "/xmlrpc.php"] [unique_id "ajwJ9Bxqohy1bhs83fb8twAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 16:15:46
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 45.251.234.94 (45-251-234-94.bb.sswl.in): 1 in ...
show more
(mod_security) mod_security (id:240335) triggered by 45.251.234.94 (45-251-234-94.bb.sswl.in): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 12:15:40.819787 2026] [security2:error] [pid 28779:tid 28804] [client 45.251.234.94:62469] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 45.251.234.94 (+1 hits since last alert)|hearthandhomestudio.art|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hearthandhomestudio.art"] [uri "/xmlrpc.php"] [unique_id "ajwCrLmd1D84z3Q6w37fbgAAAFc"]
show less
Brute-Force
Bad Web Bot
Web App Attack