๐บ๐ธ
TPI-Abuse
2026-06-19 12:11:53
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 106.219.163.218 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 106.219.163.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 08:11:49.465024 2026] [security2:error] [pid 19134:tid 19134] [client 106.219.163.218:18336] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.219.163.218 (+1 hits since last alert)|desarrollosdecolima.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "desarrollosdecolima.com"] [uri "/xmlrpc.php"] [unique_id "ajUyBXYV5UNjAvDpfIWkNgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
konseptit
2026-06-19 11:13:51
(1 week ago)
(wordpress) Failed wordpress login from 106.219.163.218 (IN/India/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-19 10:10:40
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 106.219.163.218 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 106.219.163.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 06:10:34.065757 2026] [security2:error] [pid 15756:tid 15756] [client 106.219.163.218:11263] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.219.163.218 (+1 hits since last alert)|fuentevictoria.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fuentevictoria.com"] [uri "/xmlrpc.php"] [unique_id "ajUVmrRgT7CkB8JgKdkX3gAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-19 07:12:03
(1 week ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-19 06:14:48
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 106.219.163.218 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 106.219.163.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 02:14:45.877613 2026] [security2:error] [pid 996:tid 996] [client 106.219.163.218:12836] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.219.163.218 (+1 hits since last alert)|campnecon.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "campnecon.com"] [uri "/xmlrpc.php"] [unique_id "ajTeVeush9fAUy-WOo12mgAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-19 06:02:28
(1 week ago)
(wordpress) Failed wordpress login from 106.219.163.218 (IN/India/-)
Brute-Force
Anonymous
2026-06-19 05:37:07
(1 week ago)
[redacted] 106.219.163.218 - - [19/Jun/2026:07:36:20 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" ...
show more
[redacted] 106.219.163.218 - - [19/Jun/2026:07:36:20 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 106.219.163.218 - - [19/Jun/2026:07:36:32 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 106.219.163.218 - - [19/Jun/2026:07:36:43 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 106.219.163.218 - - [19/Jun/2026:07:36:58 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 106.219.163.218 - - [19/Jun/2026:07:37:06 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.1; http://site19026186.com"
...
show less
Hacking
Web App Attack
๐ฉ๐ช
SMARTNET
2026-05-27 06:03:53
(1 month ago)
Aisuru(Mirai variant) DDoS | Incident ID: 1175168a-7e6d-467e-bb9a-dd1cdfa3fb9e
DDoS Attack
๐ช๐ธ
Global Cyber Police
2025-07-28 08:20:11
(11 months ago)
Malicious bot activity detected: Hitting honeypot page. Part of massive botnet.
DDoS Attack
Hacking
SQL Injection
Spoofing
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
SCHAPPY
2025-07-10 20:03:14
(11 months ago)
Critical web app attack detected. Path Traversal Attack (/../)
Web App Attack
Anonymous
2024-09-15 08:40:30
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH