๐ฆ๐บ
screwlooseit.com.au
2026-07-01 01:59:46
(14 hours ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
CZ/Czechia/cgnat44-pool1-237-202.poda.cz
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 17:37:48
(22 hours ago)
(mod_security) mod_security (id:240335) triggered by 193.165.237.202 (cgnat44-pool1-237-202.poda.cz) ...
show more
(mod_security) mod_security (id:240335) triggered by 193.165.237.202 (cgnat44-pool1-237-202.poda.cz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 13:37:42.572938 2026] [security2:error] [pid 19695:tid 19695] [client 193.165.237.202:61442] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 193.165.237.202 (+1 hits since last alert)|f40ph.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "f40ph.org"] [uri "/xmlrpc.php"] [unique_id "akP-5rvg0xzF68VNx71l_QAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-30 14:49:44
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฉ๐ช
rh24
2026-06-30 10:45:22
(1 day ago)
(wordpress) Failed wordpress login from 193.165.237.202 (CZ/Czechia/cgnat44-pool1-237-202.poda.cz): ...
show more
(wordpress) Failed wordpress login from 193.165.237.202 (CZ/Czechia/cgnat44-pool1-237-202.poda.cz): (CF_ENABLE)
show less
Brute-Force
๐บ๐ธ
integrantservices.com
2026-06-30 09:02:54
(1 day ago)
(wordpress) Failed wordpress login from 193.165.237.202 (CZ/Czechia/cgnat44-pool1-237-202.poda.cz)
Brute-Force
๐บ๐ธ
WeekendWeb
2026-06-30 07:31:21
(1 day ago)
Wordpress Vunerability attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-30 06:32:18
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 193.165.237.202 (cgnat44-pool1-237-202.poda.cz) ...
show more
(mod_security) mod_security (id:240335) triggered by 193.165.237.202 (cgnat44-pool1-237-202.poda.cz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 02:32:13.732204 2026] [security2:error] [pid 29542:tid 29542] [client 193.165.237.202:59359] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 193.165.237.202 (+1 hits since last alert)|rwabutazafoundation.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rwabutazafoundation.org"] [uri "/xmlrpc.php"] [unique_id "akNi7c97Hd-rwYCipZR-UAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 09:21:29
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 193.165.237.202 (cgnat44-pool1-237-202.poda.cz) ...
show more
(mod_security) mod_security (id:240335) triggered by 193.165.237.202 (cgnat44-pool1-237-202.poda.cz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 05:21:24.588138 2026] [security2:error] [pid 15095:tid 15101] [client 193.165.237.202:59901] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 193.165.237.202 (+1 hits since last alert)|reghay.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "reghay.com"] [uri "/xmlrpc.php"] [unique_id "akI5FBsQEJIJ7XCtwaYvrQAAAIQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 08:49:47
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 193.165.237.202 (cgnat44-pool1-237-202.poda.cz) ...
show more
(mod_security) mod_security (id:240335) triggered by 193.165.237.202 (cgnat44-pool1-237-202.poda.cz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 04:49:42.510554 2026] [security2:error] [pid 1286:tid 1286] [client 193.165.237.202:64123] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 193.165.237.202 (+1 hits since last alert)|climasyequipos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "climasyequipos.com"] [uri "/xmlrpc.php"] [unique_id "akIxpnb8SJd8F7ZzaeTk2AAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-29 05:49:11
(2 days ago)
[ns31.kdns.gr] httpd-xmlrpc-post: sites=michalopoulosstore.gr; logs=/var/log/httpd/domains/michalopo ...
show more
[ns31.kdns.gr] httpd-xmlrpc-post: sites=michalopoulosstore.gr; logs=/var/log/httpd/domains/michalopoulosstore.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
๐ซ๐ท
sasbau
2026-06-29 00:13:43
(2 days ago)
193.165.237.202 - - [29/Jun/2026:02:13:21 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Jetpack by ...
show more
193.165.237.202 - - [29/Jun/2026:02:13:21 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)"
193.165.237.202 - - [29/Jun/2026:02:13:32 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "WordPress.com; https://wordpress.com"
193.165.237.202 - - [29/Jun/2026:02:13:42 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "WordPress.com; https://wordpress.com"
show less
Brute-Force
Web App Attack
๐ณ๐ฑ
Site.eu
2026-06-28 23:13:25
(2 days ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐บ๐ธ
TPI-Abuse
2026-06-28 22:14:21
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 193.165.237.202 (cgnat44-pool1-237-202.poda.cz) ...
show more
(mod_security) mod_security (id:240335) triggered by 193.165.237.202 (cgnat44-pool1-237-202.poda.cz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 18:14:16.696322 2026] [security2:error] [pid 5025:tid 5025] [client 193.165.237.202:63487] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 193.165.237.202 (+1 hits since last alert)|fgrotary.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fgrotary.org"] [uri "/xmlrpc.php"] [unique_id "akGcuE8i1GgUBoBVEIZSiAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 17:06:54
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 193.165.237.202 (cgnat44-pool1-237-202.poda.cz) ...
show more
(mod_security) mod_security (id:240335) triggered by 193.165.237.202 (cgnat44-pool1-237-202.poda.cz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 13:06:49.579626 2026] [security2:error] [pid 31197:tid 31197] [client 193.165.237.202:65215] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 193.165.237.202 (+1 hits since last alert)|budgetbyron.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "budgetbyron.com"] [uri "/xmlrpc.php"] [unique_id "akFUqa1pOoKCvp0wPc6N7QAAABU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-28 09:35:49
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 193.165.237.202 (cgnat44-pool1-237-202.poda.cz) ...
show more
(mod_security) mod_security (id:240335) triggered by 193.165.237.202 (cgnat44-pool1-237-202.poda.cz): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 05:35:45.057923 2026] [security2:error] [pid 31068:tid 31068] [client 193.165.237.202:64145] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 193.165.237.202 (+1 hits since last alert)|bolivarbulletintimes.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bolivarbulletintimes.com"] [uri "/xmlrpc.php"] [unique_id "akDq8Uot0Uz7Y52jm6NQJAAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack