๐บ๐ธ
TPI-Abuse
2026-07-10 06:39:03
(1 hour ago)
(mod_security) mod_security (id:240335) triggered by 14.139.123.52 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 14.139.123.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 02:38:55.491883 2026] [security2:error] [pid 5165:tid 5165] [client 14.139.123.52:52132] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.139.123.52 (+1 hits since last alert)|seagrovesrealty.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "seagrovesrealty.com"] [uri "/xmlrpc.php"] [unique_id "alCTfx5-3Xl4VaY2T7oe4QAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
LRob
2026-07-10 05:16:52
(3 hours ago)
CrowdSec: lrob/wp-xmlrpc-bf | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPress.com","WordPress.com; ...
show more
CrowdSec: lrob/wp-xmlrpc-bf | req: ["/xmlrpc.php"] | UA: ["Jetpack by WordPress.com","WordPress.com; https://wordpress.com"]
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 04:56:00
(3 hours ago)
(mod_security) mod_security (id:240335) triggered by 14.139.123.52 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 14.139.123.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 00:55:54.603097 2026] [security2:error] [pid 314:tid 314] [client 14.139.123.52:64488] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.139.123.52 (+1 hits since last alert)|jesussotoca.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jesussotoca.com"] [uri "/xmlrpc.php"] [unique_id "alB7Wh3pIZJVBgzNwhvFKAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
rh24
2026-07-09 02:23:47
(1 day ago)
(wordpress) Failed wordpress login from 14.139.123.52 (IN/India/-): (CF_ENABLE)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-08 19:36:33
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 14.139.123.52 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 14.139.123.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 15:36:28.293866 2026] [security2:error] [pid 16924:tid 16924] [client 14.139.123.52:59016] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.139.123.52 (+1 hits since last alert)|ismaelcavazos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ismaelcavazos.com"] [uri "/xmlrpc.php"] [unique_id "ak6mvEa3MYd1l8TZ7f2uvAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 16:58:27
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 14.139.123.52 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 14.139.123.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 12:58:21.507905 2026] [security2:error] [pid 19297:tid 19297] [client 14.139.123.52:52469] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.139.123.52 (+1 hits since last alert)|apexandroids.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "apexandroids.com"] [uri "/xmlrpc.php"] [unique_id "ak6BrTJKaGdFvzNKZNBO8QAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 14:24:02
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 14.139.123.52 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 14.139.123.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 10:23:53.016411 2026] [security2:error] [pid 13940:tid 13940] [client 14.139.123.52:55434] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.139.123.52 (+1 hits since last alert)|technesa.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "technesa.com"] [uri "/xmlrpc.php"] [unique_id "ak5deeb7ZWuPBZ_HR-EJHwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-08 14:10:30
(1 day ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
IN/India/-
Web App Attack
๐ฉ๐ช
konseptit
2026-07-08 11:47:54
(1 day ago)
(wordpress) Failed wordpress login from 14.139.123.52 (IN/India/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-08 05:07:32
(2 days ago)
(mod_security) mod_security (id:225170) triggered by 14.139.123.52 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:225170) triggered by 14.139.123.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 01:07:28.358744 2026] [security2:error] [pid 15289:tid 15393] [client 14.139.123.52:63643] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lancasterdesignercraftsmen.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lancasterdesignercraftsmen.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ak3bEJ2f3ZlmVlbXCdfn0AAAAkI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐น๐ท
ycoskun41
2026-07-08 04:36:47
(2 days ago)
fail2ban: plesk-modsecurity jail on genckocaeli.com
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 02:28:25
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 14.139.123.52 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 14.139.123.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 22:28:18.461744 2026] [security2:error] [pid 16927:tid 16927] [client 14.139.123.52:60994] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.139.123.52 (+1 hits since last alert)|loriarsenault.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "loriarsenault.com"] [uri "/xmlrpc.php"] [unique_id "ak21whm5VWjqvzl8-mDy3gAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-07-08 01:27:56
(2 days ago)
(xmlrpc) Failed xmlrpc access from 14.139.123.52 (IN/India/-): 5 in the last 3600 secs (0-122)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-07 21:12:36
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 14.139.123.52 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 14.139.123.52 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 07 17:12:24.593852 2026] [security2:error] [pid 2602:tid 2602] [client 14.139.123.52:58120] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 14.139.123.52 (+1 hits since last alert)|karenbernsteinlaw.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "karenbernsteinlaw.com"] [uri "/xmlrpc.php"] [unique_id "ak1ruHON4LmSuEpk3qWNhAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack