๐บ๐ธ
TPI-Abuse
2026-07-16 04:17:36
(16 hours ago)
(mod_security) mod_security (id:240335) triggered by 105.214.80.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 105.214.80.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 00:17:29.815113 2026] [security2:error] [pid 14121:tid 14121] [client 105.214.80.13:61821] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.214.80.13 (+1 hits since last alert)|lovebuilds.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lovebuilds.com"] [uri "/xmlrpc.php"] [unique_id "alhbWS869KLN0HzuPF9pbgAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 03:26:28
(17 hours ago)
(mod_security) mod_security (id:240335) triggered by 105.214.80.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 105.214.80.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 23:26:20.108698 2026] [security2:error] [pid 23286:tid 23286] [client 105.214.80.13:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.214.80.13 (+1 hits since last alert)|bbproductionsonline.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bbproductionsonline.com"] [uri "/xmlrpc.php"] [unique_id "alhPXI-I2ClBMl3jp1cA6AAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 02:04:15
(19 hours ago)
(mod_security) mod_security (id:240335) triggered by 105.214.80.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 105.214.80.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 22:04:08.612469 2026] [security2:error] [pid 381:tid 381] [client 105.214.80.13:54589] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.214.80.13 (+1 hits since last alert)|fundingangelinvestors.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fundingangelinvestors.com"] [uri "/xmlrpc.php"] [unique_id "alg8GFi1v2hn4lNwJfFjKQAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
konseptit
2026-07-16 00:01:51
(21 hours ago)
(wordpress) Failed wordpress login from 105.214.80.13 (-)
Brute-Force
๐ซ๐ท
dynamix
2026-07-15 22:59:30
(22 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-07-10 15:18:51
(6 days ago)
(wordpress) Failed wordpress login from 105.214.80.13 (-)
Brute-Force
๐ซ๐ท
masterguru
2026-07-10 13:47:54
(6 days ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐ซ๐ฎ
YF
2026-07-10 08:30:27
(6 days ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-10 06:54:15
(6 days ago)
(mod_security) mod_security (id:240335) triggered by 105.214.80.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 105.214.80.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 02:54:10.048219 2026] [security2:error] [pid 3898:tid 3898] [client 105.214.80.13:58996] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.214.80.13 (+1 hits since last alert)|greatchristianadventure.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "greatchristianadventure.com"] [uri "/xmlrpc.php"] [unique_id "alCXEva-sVuSGrfkGu-MCgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 21:41:58
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 105.214.80.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 105.214.80.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 17:41:55.044076 2026] [security2:error] [pid 24910:tid 24910] [client 105.214.80.13:2887] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.214.80.13 (+1 hits since last alert)|waterspell.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "waterspell.net"] [uri "/xmlrpc.php"] [unique_id "akwhI-N79QnaL3400UeCfAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-06 21:38:47
(1 week ago)
(wordpress) Failed wordpress login from 105.214.80.13 (-)
Brute-Force
๐ฌ๐ง
Apache
2026-07-06 19:44:15
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 105.214.80.13 (-): 5 in the last 300 secs
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 19:41:34
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 105.214.80.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 105.214.80.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 15:41:28.990238 2026] [security2:error] [pid 5340:tid 5340] [client 105.214.80.13:51195] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 105.214.80.13 (+1 hits since last alert)|shannonraevocalstudio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "shannonraevocalstudio.com"] [uri "/xmlrpc.php"] [unique_id "akwE6CdNyl2jCQS8BCBGHwAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
paoloartone
2026-07-06 18:15:47
(1 week ago)
Reverse proxy TCO: 150 richieste malevole bloccate (scan/exploit/brute-force WordPress) il 06/07/202 ...
show more
Reverse proxy TCO: 150 richieste malevole bloccate (scan/exploit/brute-force WordPress) il 06/07/2026.
show less
Web App Attack
Hacking
Port Scan
Anonymous
2026-07-06 16:34:43
(1 week ago)
105.214.80.13 - - [06/Jul/2026:18:34:41 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418
105.214.80.13 - - ...
show more
105.214.80.13 - - [06/Jul/2026:18:34:41 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418
105.214.80.13 - - [06/Jul/2026:18:34:41 +0200] "POST /xmlrpc.php HTTP/1.1" 200 418
...
show less
Brute-Force
Bad Web Bot