๐ณ๐ฑ
Site.eu
2026-07-14 04:21:21
(6 hours ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
factor1
2026-07-14 02:07:13
(8 hours ago)
Fail2ban at saturn Reports Abuse.
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-12 16:06:11
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 138.84.197.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 138.84.197.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 12 12:06:00.907348 2026] [security2:error] [pid 31629:tid 31629] [client 138.84.197.13:56263] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 138.84.197.13 (+1 hits since last alert)|batesstrategygroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "batesstrategygroup.com"] [uri "/xmlrpc.php"] [unique_id "alO7aM2AS_mTcLloBJRk3AAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-12 16:05:25
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฉ๐ช
ghostwarriors
2026-07-12 13:20:50
(1 day ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-12 13:17:57
(1 day ago)
Fail2Ban: WordPress XML-RPC brute-force attack detected.
Bad Web Bot
Web App Attack
๐ธ๐ช
konseptit
2026-07-12 11:17:50
(1 day ago)
(wordpress) Failed wordpress login from 138.84.197.13 (PH/Philippines/-)
Brute-Force
๐ช๐ธ
masterguru
2026-07-11 11:20:26
(2 days ago)
(xmlrpc) Failed xmlrpc access from 138.84.197.13 (PH/Philippines/-): 5 in the last 3600 secs (0-122)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-10 17:44:54
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 138.84.197.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 138.84.197.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 13:44:41.574780 2026] [security2:error] [pid 12743:tid 12743] [client 138.84.197.13:34377] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 138.84.197.13 (+1 hits since last alert)|rimaine.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rimaine.org"] [uri "/xmlrpc.php"] [unique_id "alEviTMG7aSbBp0gD8mAcAAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Kenshin869
2026-07-10 17:40:41
(3 days ago)
Wordpress unauthorized access attempt
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-10 08:42:32
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 138.84.197.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 138.84.197.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 04:42:19.677269 2026] [security2:error] [pid 3392399:tid 3392399] [client 138.84.197.13:62767] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 138.84.197.13 (+1 hits since last alert)|blaslandsporthorses.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "blaslandsporthorses.com"] [uri "/xmlrpc.php"] [unique_id "alCwawRjK6SIrhrliJz7NAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-10 08:09:43
(4 days ago)
[redacted] 138.84.197.13 - - [10/Jul/2026:10:08:55 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 138.84.197.13 - - [10/Jul/2026:10:08:55 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.4; http://site14001017.com"
[redacted] 138.84.197.13 - - [10/Jul/2026:10:09:09 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 138.84.197.13 - - [10/Jul/2026:10:09:20 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.3; http://site71096640.com"
[redacted] 138.84.197.13 - - [10/Jul/2026:10:09:31 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)"
[redacted] 138.84.197.13 - - [10/Jul/2026:10:09:42 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
...
show less
Hacking
Web App Attack
๐ฎ๐น
LTM
2026-07-10 06:20:01
(4 days ago)
WebServer - Attempts to exploit
Hacking
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-07-09 19:17:36
(4 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-09 14:07:18
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 138.84.197.13 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 138.84.197.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 10:07:08.777624 2026] [security2:error] [pid 13560:tid 13560] [client 138.84.197.13:17962] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 138.84.197.13 (+1 hits since last alert)|sacoriverjazz.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sacoriverjazz.org"] [uri "/xmlrpc.php"] [unique_id "ak-rDC7o-4ICu32jwDlzrgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack