๐ซ๐ท
LRob
2026-07-06 13:38:30
(5 hours ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPr ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPress.com","WordPress.com; https://wordpress.com","Jetpack/13.0; WordPress/6.2; http://site23860445.com","Jetpack by WordPress.com (J
show less
Brute-Force
Web App Attack
๐ซ๐ท
LRob
2026-07-06 01:57:35
(16 hours ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPr ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPress.com","Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.4)","WordPress.com; https://wordpress.com","Jetpack/12.5; WordPress/6
show less
Brute-Force
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-06 01:08:14
(17 hours ago)
(wordpress) Failed wordpress login from 14.139.220.130 (IN/India/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-04 13:11:50
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 14.139.220.130 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 14.139.220.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 09:11:39.872967 2026] [security2:error] [pid 19517:tid 19517] [client 14.139.220.130:57849] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.139.220.130 (+1 hits since last alert)|waterspell.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "waterspell.net"] [uri "/xmlrpc.php"] [unique_id "akkGi4UtJahm0dgtlso2ggAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-04 13:11:02
(2 days ago)
WEB attack
Brute-Force
๐ซ๐ท
Kenshin869
2026-07-04 12:32:22
(2 days ago)
Wordpress unauthorized access attempt
Brute-Force
๐ช๐ธ
masterguru
2026-07-02 07:24:59
(4 days ago)
(xmlrpc) Failed xmlrpc access from 14.139.220.130 (IN/India/-): 5 in the last 3600 secs (0-122)
Hacking
๐จ๐ฆ
polycoda
2026-07-02 02:01:21
(4 days ago)
AutoBlock: ๐ WordPress Login Brute Force (20X or 30X) (Decay-Based)
Brute-Force
Web App Attack
๐ฌ๐ง
Apache
2026-07-01 15:54:47
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 14.139.220.130 (IN/India/-): 5 in the last 300 ...
show more
(mod_security) mod_security (id:240335) triggered by 14.139.220.130 (IN/India/-): 5 in the last 300 secs
show less
Brute-Force
Web App Attack
Anonymous
2026-07-01 15:48:43
(5 days ago)
Attac
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-01 15:18:53
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 14.139.220.130 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 14.139.220.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 11:18:48.952671 2026] [security2:error] [pid 21956:tid 21956] [client 14.139.220.130:62993] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.139.220.130 (+1 hits since last alert)|arsenalfordemocracy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "arsenalfordemocracy.com"] [uri "/xmlrpc.php"] [unique_id "akUv2CAobVzZ0KS_86OhVAAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 05:36:42
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 14.139.220.130 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 14.139.220.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 01:36:36.046228 2026] [security2:error] [pid 2303:tid 2303] [client 14.139.220.130:56596] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.139.220.130 (+1 hits since last alert)|mosheimlib.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mosheimlib.org"] [uri "/xmlrpc.php"] [unique_id "akSnZLd449RMccFyn6-dAAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 01:20:36
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 14.139.220.130 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 14.139.220.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 21:20:27.695511 2026] [security2:error] [pid 17235:tid 17235] [client 14.139.220.130:57774] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.139.220.130 (+1 hits since last alert)|bolivarbulletintimes.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bolivarbulletintimes.com"] [uri "/xmlrpc.php"] [unique_id "akRrW8qRKzQ-Z0LISueQgwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 14:59:33
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 14.139.220.130 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 14.139.220.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 10:59:29.372372 2026] [security2:error] [pid 2893:tid 2893] [client 14.139.220.130:50767] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.139.220.130 (+1 hits since last alert)|canebrakes.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "canebrakes.com"] [uri "/xmlrpc.php"] [unique_id "akKIUZVEH1dzYvVx6A9zLgAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 06:11:38
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 14.139.220.130 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 14.139.220.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 02:11:31.061947 2026] [security2:error] [pid 26925:tid 26953] [client 14.139.220.130:53078] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.139.220.130 (+1 hits since last alert)|jimlawrencesongs.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jimlawrencesongs.com"] [uri "/xmlrpc.php"] [unique_id "akC7EzqKJV8QcH1G-f0YcQAAAUs"]
show less
Brute-Force
Bad Web Bot
Web App Attack