Report for IP: 104.28.165.120

Threat LevelMEDIUM40/1001 rule type
18 incidents · 18 attacks/day · last seen 9d ago
PTR N/A
Org / ASN Cloudflare WARP
Country 🇫🇮 Finland
City Vantaa, Uusimaa
Timezone Europe/Helsinki

Attack Analysis

🇫🇮 Finland · Vantaa · 13335 · Cloudflare, Inc.
WordPress XML-RPC Abuse
This IP targeted xmlrpc.php, a legacy WordPress endpoint that has been abused for brute-force authentication attacks, credential stuffing, and DDoS amplification. Any direct access to xmlrpc.php is an attack or reconnaissance attempt; modern WordPress sites should disable it entirely.

Reports (18)

Date Severity Description
10 Jun 2026 - 15:10 high Web: xmlrpc.php accessed
10 Jun 2026 - 15:09 high Web: xmlrpc.php accessed
10 Jun 2026 - 15:08 high Web: xmlrpc.php accessed
10 Jun 2026 - 15:07 high Web: xmlrpc.php accessed
10 Jun 2026 - 15:06 high Web: xmlrpc.php accessed
10 Jun 2026 - 15:05 high Web: xmlrpc.php accessed
10 Jun 2026 - 15:03 high Web: xmlrpc.php accessed
10 Jun 2026 - 15:02 high Web: xmlrpc.php accessed
10 Jun 2026 - 15:01 high Web: xmlrpc.php accessed
10 Jun 2026 - 15:00 high Web: xmlrpc.php accessed
10 Jun 2026 - 14:59 high Web: xmlrpc.php accessed
10 Jun 2026 - 14:58 high Web: xmlrpc.php accessed
10 Jun 2026 - 14:57 high Web: xmlrpc.php accessed
10 Jun 2026 - 14:56 high Web: xmlrpc.php accessed
10 Jun 2026 - 14:55 high Web: xmlrpc.php accessed
10 Jun 2026 - 14:46 high Web: xmlrpc.php accessed
10 Jun 2026 - 14:45 high Web: xmlrpc.php accessed
10 Jun 2026 - 14:43 high Web: xmlrpc.php accessed

Related IPs — Same /24 Block (104.28.165.0/24)

104.28.165.202MEDIUM1 report
Part of EagleEye Intelligence