๐บ๐ธ
TPI-Abuse
2026-07-13 23:57:22
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 5.45.132.162 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 5.45.132.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 19:57:15.710326 2026] [security2:error] [pid 996:tid 996] [client 5.45.132.162:58619] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.45.132.162 (+1 hits since last alert)|iconflgc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "iconflgc.com"] [uri "/xmlrpc.php"] [unique_id "alV7W4Z3AyMsgM2-zFmPMwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-13 21:22:33
(1 day ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 18:39:23
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 5.45.132.162 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 5.45.132.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 14:39:15.247701 2026] [security2:error] [pid 9054:tid 9054] [client 5.45.132.162:17116] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.45.132.162 (+1 hits since last alert)|globalsolutions.technology|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "globalsolutions.technology"] [uri "/xmlrpc.php"] [unique_id "alUw056s7Aou6ZBJhWVhkwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐จ๐ฆ
Dunham Support
2026-07-13 18:35:50
(1 day ago)
(wordpress) Failed wordpress login from 5.45.132.162 (JO/Jordan/-)
Brute-Force
Anonymous
2026-07-13 18:05:38
(1 day ago)
5.45.132.162 - - [13/Jul/2026:20:05:15 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "WordPress.com ...
show more
5.45.132.162 - - [13/Jul/2026:20:05:15 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "WordPress.com; https://wordpress.com"
5.45.132.162 - - [13/Jul/2026:20:05:17 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress.com; https://wordpress.com"
5.45.132.162 - - [13/Jul/2026:20:05:24 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)"
5.45.132.162 - - [13/Jul/2026:20:05:27 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.4)"
5.45.132.162 - - [13/Jul/2026:20:05:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 17:12:46
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 5.45.132.162 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 5.45.132.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 13:12:39.220467 2026] [security2:error] [pid 3640668:tid 3640668] [client 5.45.132.162:31251] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.45.132.162 (+1 hits since last alert)|laura-stone.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "laura-stone.com"] [uri "/xmlrpc.php"] [unique_id "alUchw5mDOBESiFNMc37jQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-13 17:10:40
(1 day ago)
(wordpress) Failed wordpress login from 5.45.132.162 (JO/Jordan/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-13 13:44:01
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 5.45.132.162 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 5.45.132.162 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 09:43:54.778517 2026] [security2:error] [pid 9287:tid 9287] [client 5.45.132.162:38338] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 5.45.132.162 (+1 hits since last alert)|ftiptondds.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ftiptondds.com"] [uri "/xmlrpc.php"] [unique_id "alTrmlZ8IcyhVqeQ6s9U3wAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
D3RP4UL
2026-01-17 21:17:19
(5 months ago)
Honeypot hit: Unauthorized connection attempt detected on 23/TELNET
Port Scan
Hacking
Anonymous
2025-11-21 20:55:21
(7 months ago)
scanning http requests from known botnet
Web App Attack
๐ธ๐ฌ
mypatricks
2025-11-16 14:53:40
(7 months ago)
5.45.132.162 | Port: 12555 | DNS: 5.45.132.162 2025-11-16T22:53:54+08:00 Asia/Amman | Fake HTTP Prot ...
show more
5.45.132.162 | Port: 12555 | DNS: 5.45.132.162 2025-11-16T22:53:54+08:00 Asia/Amman | Fake HTTP Protocol detected! | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36 HTTP/1.1 443 GET | URL: /?3d684f41606d39=zh-cn&code=zh-cn | Ref: - | Country: JO/Jordan/+02:00 IP City: Amman Windows 99f7d1aad975b1b7-AMM/Amman, Jordan 1 hits/0 secs Robots 2
show less
Web Spam
Blog Spam
Brute-Force
Exploited Host
Web App Attack
๐ญ๐บ
ksol-hostmaster
2025-10-19 20:48:13
(8 months ago)
Massive botnet baited into scraping tarpit
Bad Web Bot
๐ณ๐ฑ
exxos
2025-08-01 03:50:06
(11 months ago)
HTTP1.x attacks
DDoS Attack