πΊπΈ
TPI-Abuse
2026-07-05 10:12:53
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 188.253.208.235 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 188.253.208.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 06:12:47.816721 2026] [security2:error] [pid 11088:tid 11088] [client 188.253.208.235:8288] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 188.253.208.235 (+1 hits since last alert)|nekstlevel.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nekstlevel.com"] [uri "/xmlrpc.php"] [unique_id "akouH9IEiu4n3iEuVRm9SAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-05 08:22:18
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 188.253.208.235 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 188.253.208.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jul 05 04:22:12.641413 2026] [security2:error] [pid 19768:tid 19768] [client 188.253.208.235:2644] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 188.253.208.235 (+1 hits since last alert)|marianozaro.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "marianozaro.com"] [uri "/xmlrpc.php"] [unique_id "akoUNPfMuv8llMV26zjVqgAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
lostswordfish.com
2026-07-05 05:36:03
(3 days ago)
Wordfence waf block on fairregistry
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-04 23:37:58
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 188.253.208.235 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 188.253.208.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 19:37:55.204273 2026] [security2:error] [pid 11818:tid 11818] [client 188.253.208.235:2649] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 188.253.208.235 (+1 hits since last alert)|assembliesofgodinsamoa.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "assembliesofgodinsamoa.org"] [uri "/xmlrpc.php"] [unique_id "akmZU8pGdHUhW30xL5kFugAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-04 20:29:17
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 188.253.208.235 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 188.253.208.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 16:29:09.972320 2026] [security2:error] [pid 17196:tid 17196] [client 188.253.208.235:8948] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 188.253.208.235 (+1 hits since last alert)|infinityartistsgroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "infinityartistsgroup.com"] [uri "/xmlrpc.php"] [unique_id "akltFWEMcYIhAwqQRzHeMwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
integrantservices.com
2026-07-04 17:11:24
(3 days ago)
(wordpress) Failed wordpress login from 188.253.208.235 (AZ/Azerbaijan/-)
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-04 16:44:58
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 188.253.208.235 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 188.253.208.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 12:44:52.448047 2026] [security2:error] [pid 4416:tid 4416] [client 188.253.208.235:2638] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 188.253.208.235 (+1 hits since last alert)|kh6jim.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kh6jim.com"] [uri "/xmlrpc.php"] [unique_id "akk4hJlZf5R68D4_GlZkmgAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
dynamix
2026-07-04 16:10:30
(3 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
π©πͺ
rh24
2026-07-04 13:37:55
(3 days ago)
(wordpress) Failed wordpress login from 188.253.208.235 (AZ/Azerbaijan/-): (CF_ENABLE)
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-04 12:40:46
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 188.253.208.235 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 188.253.208.235 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 08:40:38.145851 2026] [security2:error] [pid 19543:tid 19543] [client 188.253.208.235:11739] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 188.253.208.235 (+1 hits since last alert)|indiahouseportland.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "indiahouseportland.com"] [uri "/xmlrpc.php"] [unique_id "akj_Rj4-FWzf_vHDEKHc-wAAAJU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¨π
backslash
2026-03-18 19:12:04
(3 months ago)
block ruleset Badbot using very old user-agents 5CF3CDB778C7D82564405B86B9242E612F378C68
Bad Web Bot
Anonymous
2025-11-21 09:26:15
(7 months ago)
scanning http requests from known botnet
Web App Attack