๐บ๐ธ
TPI-Abuse
2026-07-05 13:58:40
(14 hours ago)
(mod_security) mod_security (id:240335) triggered by 49.145.45.113 (dsl.49.145.45.113.pldt.net): 1 i ...
show more
(mod_security) mod_security (id:240335) triggered by 49.145.45.113 (dsl.49.145.45.113.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 09:58:34.435084 2026] [security2:error] [pid 17580:tid 17580] [client 49.145.45.113:6787] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.145.45.113 (+1 hits since last alert)|lasertherapyoc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lasertherapyoc.com"] [uri "/xmlrpc.php"] [unique_id "akpjCouuuC4Py113-kMbuAAAADE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 11:56:05
(16 hours ago)
(mod_security) mod_security (id:240335) triggered by 49.145.45.113 (dsl.49.145.45.113.pldt.net): 1 i ...
show more
(mod_security) mod_security (id:240335) triggered by 49.145.45.113 (dsl.49.145.45.113.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 07:56:01.550674 2026] [security2:error] [pid 7187:tid 7187] [client 49.145.45.113:8094] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.145.45.113 (+1 hits since last alert)|nomanszone.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nomanszone.com"] [uri "/xmlrpc.php"] [unique_id "akpGUa2IyLtHYfuc4axIhAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 11:39:34
(16 hours ago)
(mod_security) mod_security (id:240335) triggered by 49.145.45.113 (dsl.49.145.45.113.pldt.net): 1 i ...
show more
(mod_security) mod_security (id:240335) triggered by 49.145.45.113 (dsl.49.145.45.113.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 07:39:27.317156 2026] [security2:error] [pid 18832:tid 18832] [client 49.145.45.113:5978] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.145.45.113 (+1 hits since last alert)|internetnameregistration.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "internetnameregistration.com"] [uri "/xmlrpc.php"] [unique_id "akpCb0xEFy0iOPXzDlwV_QAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ฎ
YF
2026-07-05 11:01:01
(17 hours ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐ฉ๐ช
PHAM
2026-07-05 10:21:43
(17 hours ago)
Shield Guard: Scanner: wordpress (+70) | Chemin suspect: /xmlrpc.php | xmlrpc.php bloquรฉ
Web App Attack
Port Scan
๐ช๐ธ
masterguru
2026-07-05 10:21:35
(17 hours ago)
(xmlrpc) Failed xmlrpc access from 49.145.45.113 (PH/Philippines/dsl.49.145.45.113.pldt.net): 5 in t ...
show more
(xmlrpc) Failed xmlrpc access from 49.145.45.113 (PH/Philippines/dsl.49.145.45.113.pldt.net): 5 in the last 3600 secs (0-122)
show less
Hacking
๐ง๐ช
cmbplf
2026-07-05 05:29:12
(22 hours ago)
5.271 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
๐ฆ๐บ
screwlooseit.com.au
2026-07-05 05:17:14
(22 hours ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
PH/Philippines/dsl.49.145.45.113.pldt.net
Web App Attack
Anonymous
2026-07-05 04:51:23
(23 hours ago)
[da.kdns.gr] httpd-xmlrpc-post: sites=www.galanistherm.gr; logs=/var/log/httpd/domains/galanistherm. ...
show more
[da.kdns.gr] httpd-xmlrpc-post: sites=www.galanistherm.gr; logs=/var/log/httpd/domains/galanistherm.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-07-05 04:07:43
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-05 03:10:02
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 49.145.45.113 (dsl.49.145.45.113.pldt.net): 1 i ...
show more
(mod_security) mod_security (id:240335) triggered by 49.145.45.113 (dsl.49.145.45.113.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 23:09:54.186694 2026] [security2:error] [pid 13730:tid 13814] [client 49.145.45.113:6659] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 49.145.45.113 (+1 hits since last alert)|koalacogs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "koalacogs.com"] [uri "/xmlrpc.php"] [unique_id "aknLAqU222LKSMcG83PjKAAAAQ4"]
show less
Brute-Force
Bad Web Bot
Web App Attack