๐บ๐ธ
TPI-Abuse
2026-07-02 08:53:58
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 139.5.0.94 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 139.5.0.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 04:53:51.134192 2026] [security2:error] [pid 30479:tid 30658] [client 139.5.0.94:32060] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 139.5.0.94 (+1 hits since last alert)|captechinc.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "captechinc.com"] [uri "/xmlrpc.php"] [unique_id "akYnH3MiJV5vSJgATyBQ1gAAAEk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 07:40:19
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 139.5.0.94 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 139.5.0.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 03:40:13.524380 2026] [security2:error] [pid 26323:tid 26373] [client 139.5.0.94:61144] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 139.5.0.94 (+1 hits since last alert)|travelusa.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "travelusa.us"] [uri "/xmlrpc.php"] [unique_id "akYV3VED_ivJn4m2M1XnpgAAAZU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 07:10:10
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 139.5.0.94 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 139.5.0.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 03:10:05.025049 2026] [security2:error] [pid 10661:tid 10661] [client 139.5.0.94:32202] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 139.5.0.94 (+1 hits since last alert)|avalderlaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "avalderlaw.com"] [uri "/xmlrpc.php"] [unique_id "akYOzeekSWTGylF-sRHYFwAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-02 06:39:22
(1 day ago)
Blocked by ModSec and CSF
Port Scan
๐บ๐ธ
TPI-Abuse
2026-07-02 02:25:50
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 139.5.0.94 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 139.5.0.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 22:25:41.336518 2026] [security2:error] [pid 9944:tid 9944] [client 139.5.0.94:32059] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 139.5.0.94 (+1 hits since last alert)|cathybermanmft.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cathybermanmft.com"] [uri "/xmlrpc.php"] [unique_id "akXMJfPIrJTF96B7jrO4hQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ConsulHosting
2026-07-01 06:59:42
(2 days ago)
Excessive failed CAPTCHA attempts (CAPTCHA DoS)
Web App Attack
๐ฉ๐ช
rh24
2026-06-30 11:04:21
(3 days ago)
(xmlrpc_405) XMLRPC-Bot 405 139.5.0.94 (IN/India/-)
Hacking
๐บ๐ธ
TPI-Abuse
2026-06-30 08:54:29
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 139.5.0.94 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 139.5.0.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 04:54:20.769918 2026] [security2:error] [pid 5245:tid 5245] [client 139.5.0.94:5600] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 139.5.0.94 (+1 hits since last alert)|oshadega.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "oshadega.com"] [uri "/xmlrpc.php"] [unique_id "akOEPMYKqO2od4gRSdkVjwAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-06-30 08:50:42
(3 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 04:30:31
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 139.5.0.94 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240335) triggered by 139.5.0.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 00:30:23.362649 2026] [security2:error] [pid 16508:tid 16663] [client 139.5.0.94:15593] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 139.5.0.94 (+1 hits since last alert)|ccgparquitectos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ccgparquitectos.com"] [uri "/xmlrpc.php"] [unique_id "akNGXykszewJaBlyK7jIVAAAANY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-06-30 03:33:32
(3 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-06-29 13:00:10
(4 days ago)
Attac
Brute-Force
๐ฆ๐บ
screwlooseit.com.au
2026-06-29 05:47:28
(4 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
IN/India/-
Web App Attack
๐ซ๐ท
masterguru
2026-06-29 04:46:54
(4 days ago)
(xmlrpc) Apache: Failed xmlrpc access from 139.5.0.94 (IN/India/-): 10 in the last 3600 secs (0-201)
Hacking
๐ซ๐ฎ
YF
2026-06-28 07:00:20
(5 days ago)
xmlrpc.php Potential DDoS or brute force
DDoS Attack
Brute-Force