Anonymous
2026-06-11 08:04:49
(3 weeks ago)
(wordpress) Failed wordpress login from 106.219.75.139 (IN/India/-)
Brute-Force
๐ฉ๐ช
4server
2026-06-11 06:30:10
(3 weeks ago)
[ThuJun1108:30:06.6379092026][security2:error][pid1569292:tid1569333][client106.219.75.139:0]ModSecu ...
show more
[ThuJun1108:30:06.6379092026][security2:error][pid1569292:tid1569333][client106.219.75.139:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"gmint.ch\"][uri\"/xmlrpc.php\"][unique_id\"aipV7t2zV2ceCn5EnoElkQAAABI\"]
show less
Port Scan
Brute-Force
Web App Attack
๐ซ๐ฎ
YF
2026-06-10 14:00:33
(3 weeks ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐ฉ๐ช
abdubhai
2026-06-10 08:25:43
(3 weeks ago)
106.219.75.139 - - [10/Jun/2026:
...
Brute-Force
Anonymous
2026-06-10 06:14:02
(3 weeks ago)
Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1, GET /xmlrpc.php HTTP/1.1
Hacking
Web App Attack
๐ณ๐ฑ
ConsulHosting
2026-06-10 05:27:43
(3 weeks ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
๐ฉ๐ช
Marc
2026-06-10 05:10:22
(3 weeks ago)
106.219.75.139 - - [10/Jun/2026:07:10:00 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3466 "-" "Jetpack/12 ...
show more
106.219.75.139 - - [10/Jun/2026:07:10:00 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3466 "-" "Jetpack/12.1; WordPress/6.4; http://site24223067.com" 106.219.75.139 - - [10/Jun/2026:07:10:10 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3465 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)" 106.219.75.139 - - [10/Jun/2026:07:10:21 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3465 "-" "Jetpack/12.1; WordPress/6.4; http://site78207132.com"
show less
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-06-10 03:38:13
(3 weeks ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 11:42:58
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 106.219.75.139 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 106.219.75.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 07:42:55.636560 2026] [security2:error] [pid 25848:tid 25848] [client 106.219.75.139:32995] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.219.75.139 (+1 hits since last alert)|sliconswamp.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sliconswamp.com"] [uri "/xmlrpc.php"] [unique_id "aif8P6iYVUxoffZLirsF8wAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-09 11:13:38
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 106.219.75.139 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 106.219.75.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 07:13:31.249094 2026] [security2:error] [pid 20483:tid 20483] [client 106.219.75.139:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.219.75.139 (+1 hits since last alert)|avaliantlife.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avaliantlife.com"] [uri "/xmlrpc.php"] [unique_id "aif1WwlX_q5h5LqaETMBogAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-09 07:38:10
(3 weeks ago)
Attac
Brute-Force
Anonymous
2026-06-09 06:35:23
(3 weeks ago)
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-08 10:47:51
(3 weeks ago)
(mod_security) mod_security (id:240335) triggered by 106.219.75.139 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 106.219.75.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 06:47:44.515709 2026] [security2:error] [pid 18206:tid 18206] [client 106.219.75.139:2285] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 106.219.75.139 (+1 hits since last alert)|havenlaneministries.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "havenlaneministries.com"] [uri "/xmlrpc.php"] [unique_id "aiad0K_kST1Tc0WD9xwIdQAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-04-16 10:16:04
(2 months ago)
Fail2ban filtered
...
Web App Attack
๐บ๐ธ
integrantservices.com
2026-04-16 04:23:20
(2 months ago)
(wordpress) Failed wordpress login from 106.219.75.139 (IN/India/-)
Brute-Force