๐บ๐ธ
TPI-Abuse
2026-07-02 15:17:58
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 39.57.198.140 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.57.198.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 11:17:51.068809 2026] [security2:error] [pid 22934:tid 22946] [client 39.57.198.140:63458] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.57.198.140 (+1 hits since last alert)|reghay.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "reghay.com"] [uri "/xmlrpc.php"] [unique_id "akaBH6zk5WgQS_IX27by5gAAAIo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
clapper
2026-07-02 13:54:25
(1 day ago)
(mod_security) mod_security (id:350202) triggered by 39.57.198.140 (PK/Pakistan/-): 5 in the last 60 ...
show more
(mod_security) mod_security (id:350202) triggered by 39.57.198.140 (PK/Pakistan/-): 5 in the last 600 secs; ID: rub
show less
Brute-Force
Bad Web Bot
๐บ๐ธ
integrantservices.com
2026-07-02 12:51:06
(1 day ago)
(wordpress) Failed wordpress login from 39.57.198.140 (PK/Pakistan/-)
Brute-Force
๐ช๐ธ
masterguru
2026-07-02 07:52:35
(1 day ago)
(xmlrpc) Failed xmlrpc access from 39.57.198.140 (PK/Pakistan/-): 5 in the last 3600 secs (0-122)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-02 07:51:08
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 39.57.198.140 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.57.198.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 03:51:03.883344 2026] [security2:error] [pid 9853:tid 9853] [client 39.57.198.140:54298] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.57.198.140 (+1 hits since last alert)|instalatoribucuresti.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "instalatoribucuresti.com"] [uri "/xmlrpc.php"] [unique_id "akYYZwj8UvrKEzYXg3j-WAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
screwlooseit.com.au
2026-07-01 10:55:01
(2 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
PK/Pakistan/-
Web App Attack
๐ฑ๐ป
garmtech.com
2026-07-01 10:18:48
(2 days ago)
IM360 WAF: Rate limit exceeded for XMLRPC DoS
Web App Attack
๐ฑ๐ป
garmtech.com
2026-07-01 10:16:52
(2 days ago)
IM360 WAF: Rate limit exceeded for XMLRPC DoS (fault code)
Web App Attack
Anonymous
2026-06-30 15:39:08
(3 days ago)
(wordpress) Failed wordpress login from 39.57.198.140 (PK/Pakistan/Sindh/Karachi/-/[redacted])
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-30 14:27:33
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 39.57.198.140 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.57.198.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 10:27:29.078019 2026] [security2:error] [pid 6839:tid 6839] [client 39.57.198.140:54014] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.57.198.140 (+1 hits since last alert)|intrinsicdiscovery.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "intrinsicdiscovery.com"] [uri "/xmlrpc.php"] [unique_id "akPSUXSMxwilyLQjjyLlHQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 11:44:17
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 39.57.198.140 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 39.57.198.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 07:44:13.283940 2026] [security2:error] [pid 29071:tid 29071] [client 39.57.198.140:29820] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 39.57.198.140 (+1 hits since last alert)|feiz.church|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "feiz.church"] [uri "/xmlrpc.php"] [unique_id "akOsDQ8LFnbw02buwYxadAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack