Anonymous
2026-06-26 10:34:31
(2 weeks ago)
[ns41.kdns.gr] httpd-xmlrpc-post: sites=jiotis.gr; logs=/var/log/httpd/domains/jiotis.gr.log; sample ...
show more
[ns41.kdns.gr] httpd-xmlrpc-post: sites=jiotis.gr; logs=/var/log/httpd/domains/jiotis.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐ช๐ธ
masterguru
2026-06-26 10:34:18
(2 weeks ago)
(xmlrpc) Failed xmlrpc access from 106.215.148.236 (IN/India/-): 5 in the last 3600 secs (0-122)
Hacking
๐ซ๐ท
dynamix
2026-06-26 09:28:05
(2 weeks ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฎ๐น
LTM
2026-06-26 06:20:02
(2 weeks ago)
WebServer - Attempts to exploit
Hacking
Brute-Force
Web App Attack
Anonymous
2026-06-26 05:42:02
(2 weeks ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
Anonymous
2026-06-26 00:04:38
(2 weeks ago)
Bad Web Bot
Web App Attack
๐ฉ๐ช
Marc
2026-06-25 15:35:54
(2 weeks ago)
106.215.148.236 - - [25/Jun/2026:17:35:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3420 "-" "Jetpack b ...
show more
106.215.148.236 - - [25/Jun/2026:17:35:33 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3420 "-" "Jetpack by WordPress.com" 106.215.148.236 - - [25/Jun/2026:17:35:43 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3465 "-" "Jetpack/12.5; WordPress/6.4; http://site25900250.com" 106.215.148.236 - - [25/Jun/2026:17:35:53 +0200] "POST /xmlrpc.php HTTP/1.1" 200 3466 "-" "Jetpack/12.1; WordPress/6.4; http://site27750413.com"
show less
Brute-Force
Web App Attack
Anonymous
2026-06-25 01:20:25
(2 weeks ago)
[redacted] 106.215.148.236 - - [25/Jun/2026:03:19:31 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ...
show more
[redacted] 106.215.148.236 - - [25/Jun/2026:03:19:31 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 106.215.148.236 - - [25/Jun/2026:03:19:57 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.4; http://site16361016.com"
[redacted] 106.215.148.236 - - [25/Jun/2026:03:20:02 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 106.215.148.236 - - [25/Jun/2026:03:20:13 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 106.215.148.236 - - [25/Jun/2026:03:20:24 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
...
show less
Hacking
Web App Attack
๐ซ๐ท
dynamix
2026-06-24 21:16:46
(2 weeks ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 16:26:18
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 106.215.148.236 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 106.215.148.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 12:26:12.292376 2026] [security2:error] [pid 31519:tid 31519] [client 106.215.148.236:22498] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.215.148.236 (+1 hits since last alert)|shelbysmoak.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "shelbysmoak.com"] [uri "/xmlrpc.php"] [unique_id "ajwFJBX-ZbswPTLgf0OZKgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 14:54:11
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 106.215.148.236 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 106.215.148.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 10:54:04.856400 2026] [security2:error] [pid 1789:tid 1789] [client 106.215.148.236:31925] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.215.148.236 (+1 hits since last alert)|uccryakima.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "uccryakima.org"] [uri "/xmlrpc.php"] [unique_id "ajvvjJxNpgvksV9yvngBtQAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
grassau.com
2026-06-23 22:58:40
(2 weeks ago)
(wordpress) Failed wordpress login from 106.215.148.236 (IN/India/Odisha/Bhubaneswar/-)
Brute-Force