๐ซ๐ฎ
YF
2026-06-16 07:00:26
(1 week ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
Anonymous
2026-06-16 06:16:54
(1 week ago)
(wordpress) Failed wordpress login from 106.219.121.168 (IN/India/Haryana/Faridabad/-/[redacted])
Brute-Force
๐บ๐ธ
factor1
2026-06-16 03:41:23
(1 week ago)
Fail2ban at saturn Reports Abuse.
Brute-Force
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-16 02:20:01
(1 week ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ซ๐ท
dynamix
2026-06-16 00:37:31
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-06-16 00:07:47
(1 week ago)
(wordpress) Failed wordpress login from 106.219.121.168 (IN/India/-)
Brute-Force
Anonymous
2026-06-15 22:34:52
(1 week ago)
[redacted] 106.219.121.168 - - [16/Jun/2026:00:34:09 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ...
show more
[redacted] 106.219.121.168 - - [16/Jun/2026:00:34:09 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.1; http://site83592403.com"
[redacted] 106.219.121.168 - - [16/Jun/2026:00:34:19 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 106.219.121.168 - - [16/Jun/2026:00:34:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.2; http://site51510865.com"
[redacted] 106.219.121.168 - - [16/Jun/2026:00:34:40 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)"
[redacted] 106.219.121.168 - - [16/Jun/2026:00:34:51 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
...
show less
Hacking
Web App Attack
Anonymous
2026-06-15 22:01:03
(1 week ago)
Bot / scanning and/or hacking attempts: GET /xmlrpc.php HTTP/1.1, POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 20:55:44
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 106.219.121.168 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 106.219.121.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 16:55:36.767369 2026] [security2:error] [pid 21114:tid 21114] [client 106.219.121.168:31616] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.219.121.168 (+1 hits since last alert)|navarrete.ws|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "navarrete.ws"] [uri "/xmlrpc.php"] [unique_id "ajBmyBMjXyHSfhmlfpqnBgAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-15 16:47:02
(1 week ago)
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-06-15 15:45:47
(1 week ago)
(wordpress) Failed wordpress login from 106.219.121.168 (IN/India/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-15 10:19:56
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 106.219.121.168 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 106.219.121.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 06:19:50.235189 2026] [security2:error] [pid 18689:tid 18689] [client 106.219.121.168:17681] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.219.121.168 (+1 hits since last alert)|blaslandsporthorses.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "blaslandsporthorses.com"] [uri "/xmlrpc.php"] [unique_id "ai_RxiJvrqlzLy-32EQiDQAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-15 09:19:50
(2 weeks ago)
(mod_security) mod_security (id:240335) triggered by 106.219.121.168 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 106.219.121.168 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 05:19:45.017597 2026] [security2:error] [pid 32584:tid 32584] [client 106.219.121.168:20443] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.219.121.168 (+1 hits since last alert)|warpedweed.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "warpedweed.com"] [uri "/xmlrpc.php"] [unique_id "ai_DsVarn_ZFySzu-ZQlQwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ช
vaia.cloud
2026-06-15 08:24:03
(2 weeks ago)
trying wp-login.php/xmlrpc.php 34 times in 1 minutes
Brute-Force
Web App Attack
Anonymous
2026-06-02 16:15:23
(3 weeks ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host