๐ณ๐ฑ
Site.eu
2026-07-17 16:48:20
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ซ๐ท
tecnicorioja
2026-07-15 22:01:43
(3 days ago)
POST /xmlrpc.php [15/Jul/2026:07:26:11
Web App Attack
Brute-Force
๐ณ๐ฑ
ConsulHosting
2026-07-15 12:13:35
(3 days ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 11:59:45
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 106.214.9.90 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 106.214.9.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 07:59:32.032027 2026] [security2:error] [pid 1859:tid 1859] [client 106.214.9.90:10359] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.214.9.90 (+1 hits since last alert)|tourissue.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tourissue.com"] [uri "/xmlrpc.php"] [unique_id "ald2JONJ45xnxW-FO8-o_gAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-15 06:31:20
(3 days ago)
Fail2Ban: ModSecurity detected a web application attack.
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-15 05:26:54
(3 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 02:55:40
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 106.214.9.90 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 106.214.9.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 22:55:27.410601 2026] [security2:error] [pid 20469:tid 20469] [client 106.214.9.90:13117] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.214.9.90 (+1 hits since last alert)|circleinthesquare.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "circleinthesquare.org"] [uri "/xmlrpc.php"] [unique_id "alb2n_sel9wbwrtshJRhawAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-15 00:51:02
(3 days ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
IndigoRidge
2026-07-15 00:00:16
(3 days ago)
106.214.9.90 - - [14/Jul/2026:19:58:57 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5118 "-" "WordPress.co ...
show more
106.214.9.90 - - [14/Jul/2026:19:58:57 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5118 "-" "WordPress.com; https://wordpress.com"
106.214.9.90 - - [14/Jul/2026:19:59:18 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5118 "-" "WordPress.com; https://wordpress.com"
106.214.9.90 - - [14/Jul/2026:19:59:49 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5118 "-" "WordPress.com; https://wordpress.com"
106.214.9.90 - - [14/Jul/2026:20:00:00 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5118 "-" "WordPress.com; https://wordpress.com"
106.214.9.90 - - [14/Jul/2026:20:00:10 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5118 "-" "WordPress.com; https://wordpress.com"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 23:04:33
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 106.214.9.90 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 106.214.9.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 19:04:12.080406 2026] [security2:error] [pid 2574:tid 2574] [client 106.214.9.90:15696] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.214.9.90 (+1 hits since last alert)|splashstation.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "splashstation.org"] [uri "/xmlrpc.php"] [unique_id "albAbAaBqUmtDE-azMMVOwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
ghostwarriors
2026-07-14 22:21:00
(4 days ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 22:20:12
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 106.214.9.90 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 106.214.9.90 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 18:20:02.355210 2026] [security2:error] [pid 6553:tid 6553] [client 106.214.9.90:22801] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.214.9.90 (+1 hits since last alert)|fundaciondamashcc.org.ec|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fundaciondamashcc.org.ec"] [uri "/xmlrpc.php"] [unique_id "ala2Ev4a86eUhoEHBLs4RAAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
rh24
2026-07-14 22:17:27
(4 days ago)
(wordpress) Failed wordpress login from 106.214.9.90 (IN/India/-): (CF_ENABLE)
Brute-Force
Anonymous
2026-07-14 20:15:58
(4 days ago)
(wordpress) Failed wordpress login from 106.214.9.90 (IN/India/-)
Brute-Force
Anonymous
2026-07-14 17:32:29
(4 days ago)
[ns3.backorder.gr] httpd-xmlrpc-post: sites=www.blazos.com; logs=/var/log/httpd/domains/blazos.com.l ...
show more
[ns3.backorder.gr] httpd-xmlrpc-post: sites=www.blazos.com; logs=/var/log/httpd/domains/blazos.com.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack