๐บ๐ธ
TPI-Abuse
2026-07-09 08:22:46
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 106.219.161.66 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 106.219.161.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 04:22:39.405177 2026] [security2:error] [pid 15553:tid 15553] [client 106.219.161.66:26279] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.219.161.66 (+1 hits since last alert)|boaredraven.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "boaredraven.com"] [uri "/xmlrpc.php"] [unique_id "ak9aT8EeQjk6FEmhpBQa9wAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
abdubhai
2026-07-09 07:37:49
(2 days ago)
106.219.161.66 - - [09/Jul/2026:
...
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-09 07:08:03
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 106.219.161.66 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 106.219.161.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 03:07:59.579104 2026] [security2:error] [pid 13981:tid 13981] [client 106.219.161.66:30903] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.219.161.66 (+1 hits since last alert)|disio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "disio.com"] [uri "/xmlrpc.php"] [unique_id "ak9IzyupGImjulVFGCP5iwAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-09 06:37:00
(2 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฉ๐ช
dbmwebdesign
2026-07-09 05:05:23
(2 days ago)
WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 08:47:01
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 106.219.161.66 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 106.219.161.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 04:46:58.090202 2026] [security2:error] [pid 14603:tid 14603] [client 106.219.161.66:9565] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.219.161.66 (+1 hits since last alert)|ideaofauniversity.website|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ideaofauniversity.website"] [uri "/xmlrpc.php"] [unique_id "ak4OggnNyNI4JSJqTMt02QAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-07-08 07:09:33
(3 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ซ๐ท
dynamix
2026-07-08 06:24:57
(3 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-07-07 06:16:11
(4 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 07:48:29
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 106.219.161.66 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 106.219.161.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 03:48:24.617548 2026] [security2:error] [pid 24270:tid 24270] [client 106.219.161.66:19137] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.219.161.66 (+1 hits since last alert)|fractalsky.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fractalsky.com"] [uri "/xmlrpc.php"] [unique_id "aktdyA8pQd4biccTHjAOEwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐น๐ท
ycoskun41
2026-07-06 07:44:51
(5 days ago)
fail2ban: plesk-modsecurity jail on genckocaeli.com
Web App Attack
๐ซ๐ฎ
KnightIndustries
2026-07-06 04:00:51
(5 days ago)
2026-07-06T06:00:29.546844+02:00 milkyway wordpress(learncryptography.pw)[2332942]: XML-RPC authenti ...
show more
2026-07-06T06:00:29.546844+02:00 milkyway wordpress(learncryptography.pw)[2332942]: XML-RPC authentication failure for macminty from 106.219.161.66
2026-07-06T06:00:40.023936+02:00 milkyway wordpress(learncryptography.pw)[2307658]: XML-RPC authentication failure for macminty from 106.219.161.66
2026-07-06T06:00:50.548605+02:00 milkyway wordpress(learncryptography.pw)[2332940]: XML-RPC authentication failure for macminty from 106.219.161.66
...
show less
Brute-Force
Web App Attack
Anonymous
2026-07-03 07:48:05
(1 week ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐จ๐ญ
4server
2026-07-03 07:38:09
(1 week ago)
[FriJul0309:38:06.4098042026][security2:error][pid1056261:tid1056478][client106.219.161.66:0]ModSecu ...
show more
[FriJul0309:38:06.4098042026][security2:error][pid1056261:tid1056478][client106.219.161.66:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"4server.biz\"][uri\"/xmlrpc.php\"][unique_id\"akdm3iccIxuxFuDJpvIRygAAAIw\"]
show less
Hacking
Web App Attack
๐ฉ๐ช
Sรฉfora Srl
2026-07-03 04:02:47
(1 week ago)
Failed attempt detected by Fail2Ban in plesk-modsecurity jail
Web App Attack