๐ณ๐ฑ
Site.eu
2026-07-02 06:25:38
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-07-02 04:56:25
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 106.212.111.91 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 106.212.111.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 00:56:21.186979 2026] [security2:error] [pid 23471:tid 23471] [client 106.212.111.91:54625] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.212.111.91 (+1 hits since last alert)|solucionesmercadeodigital.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "solucionesmercadeodigital.com"] [uri "/xmlrpc.php"] [unique_id "akXvdY9BXhTUDR7HsyancwAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
akasolutions.de
2026-07-02 04:52:34
(1 day ago)
(wordpress) Failed wordpress login from 106.212.111.91 (IN/India/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-02 04:14:37
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 106.212.111.91 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 106.212.111.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 00:14:30.708575 2026] [security2:error] [pid 25279:tid 25279] [client 106.212.111.91:61586] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.212.111.91 (+1 hits since last alert)|fattoria-rendena.it|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fattoria-rendena.it"] [uri "/xmlrpc.php"] [unique_id "akXlpjHKopDECXtjLz5YdwAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 03:53:04
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 106.212.111.91 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 106.212.111.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 23:53:00.851416 2026] [security2:error] [pid 29149:tid 29149] [client 106.212.111.91:52139] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.212.111.91 (+1 hits since last alert)|hawaiivacations.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hawaiivacations.com"] [uri "/xmlrpc.php"] [unique_id "akXgnAkrLyoye7LLi4BXfwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-07-02 03:25:29
(1 day ago)
(xmlrpc) Failed xmlrpc access from 106.212.111.91 (IN/India/-): 5 in the last 3600 secs (0-122)
Hacking
Anonymous
2026-07-02 02:08:42
(1 day ago)
(wordpress) Failed wordpress login from 106.212.111.91 (IN/India/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-01 08:19:25
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 106.212.111.91 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 106.212.111.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 04:19:21.434282 2026] [security2:error] [pid 19449:tid 19449] [client 106.212.111.91:56288] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.212.111.91 (+1 hits since last alert)|thefrontporchoffering.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thefrontporchoffering.com"] [uri "/xmlrpc.php"] [unique_id "akTNiT-vypPX2QeP00j_ywAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 06:45:18
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 106.212.111.91 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 106.212.111.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 02:45:08.443183 2026] [security2:error] [pid 7997:tid 7997] [client 106.212.111.91:64877] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.212.111.91 (+1 hits since last alert)|pixelspective.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pixelspective.com"] [uri "/xmlrpc.php"] [unique_id "akS3c18UN9CEbK7vk2hSBAAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 05:45:29
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 106.212.111.91 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 106.212.111.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 01:45:21.622038 2026] [security2:error] [pid 5463:tid 5481] [client 106.212.111.91:60199] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.212.111.91 (+1 hits since last alert)|teritemme.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "teritemme.com"] [uri "/xmlrpc.php"] [unique_id "akSpcSohQwQCyie-gRabCgAAAM4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 14:51:29
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 106.212.111.91 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 106.212.111.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 10:51:22.887785 2026] [security2:error] [pid 14285:tid 14285] [client 106.212.111.91:53751] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.212.111.91 (+1 hits since last alert)|enjoymycondos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "enjoymycondos.com"] [uri "/xmlrpc.php"] [unique_id "akPX6hVQ0yvy0uo3CqHZlgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-06-30 06:14:19
(3 days ago)
(xmlrpc) Failed xmlrpc access from 106.212.111.91 (IN/India/-): 5 in the last 3600 secs (0-122)
Hacking
๐ซ๐ท
dynamix
2026-06-30 05:47:31
(3 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐จ๐ญ
Mario Bretscher
2026-06-30 04:45:52
(3 days ago)
Jun 30 06:45:40 beat-band.ch Cerber(beat-band.ch)[624865]: Authentication failure for beat-band from ...
show more
Jun 30 06:45:40 beat-band.ch Cerber(beat-band.ch)[624865]: Authentication failure for beat-band from 106.212.111.91
Jun 30 06:45:51 beat-band.ch Cerber(beat-band.ch)[625104]: Authentication failure for beat-band from 106.212.111.91
...
show less
Web Spam
Anonymous
2026-06-30 03:03:05
(3 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack