πΊπΈ
TPI-Abuse
2026-07-03 07:49:13
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 196.188.112.213 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 196.188.112.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 03:49:07.234920 2026] [security2:error] [pid 7428:tid 7428] [client 196.188.112.213:2121] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.188.112.213 (+1 hits since last alert)|seskalee.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "seskalee.com"] [uri "/xmlrpc.php"] [unique_id "akdpc7UX2qwgCPQ8gy8mVAAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πͺπΈ
masterguru
2026-07-03 07:17:31
(1 week ago)
(xmlrpc) Failed xmlrpc access from 196.188.112.213 (ET/Ethiopia/-): 5 in the last 3600 secs (0-122)
Hacking
πΊπΈ
TPI-Abuse
2026-07-03 06:49:52
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 196.188.112.213 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 196.188.112.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 02:49:45.930824 2026] [security2:error] [pid 16872:tid 16872] [client 196.188.112.213:2539] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.188.112.213 (+1 hits since last alert)|airdriedrivingschool.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "airdriedrivingschool.com"] [uri "/xmlrpc.php"] [unique_id "akdbiU0h2HRu0QqmRZek7wAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 09:24:53
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 196.188.112.213 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 196.188.112.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 05:24:49.096497 2026] [security2:error] [pid 22573:tid 22573] [client 196.188.112.213:2777] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.188.112.213 (+1 hits since last alert)|intrinsicdiscovery.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "intrinsicdiscovery.com"] [uri "/xmlrpc.php"] [unique_id "akYuYeaYecz03SZFp5y0mwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 07:08:33
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 196.188.112.213 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 196.188.112.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 03:08:26.041968 2026] [security2:error] [pid 10790:tid 10790] [client 196.188.112.213:2251] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.188.112.213 (+1 hits since last alert)|michaelthompson.biz|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "michaelthompson.biz"] [uri "/xmlrpc.php"] [unique_id "akYOaikOu0liJjhK4dsq0wAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TAY
2026-07-02 06:34:22
(1 week ago)
196.188.112.213 - - [02/Jul/2026:14:34:01 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6378 "-" "WordPress ...
show more
196.188.112.213 - - [02/Jul/2026:14:34:01 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6378 "-" "WordPress.com; https://wordpress.com"
196.188.112.213 - - [02/Jul/2026:14:34:10 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6378 "-" "Jetpack/12.1; WordPress/6.4; http://site63590317.com"
196.188.112.213 - - [02/Jul/2026:14:34:22 +0800] "POST /xmlrpc.php HTTP/1.1" 200 6378 "-" "Jetpack by WordPress.com"
...
show less
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-02 05:25:53
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 196.188.112.213 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 196.188.112.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 01:25:47.813883 2026] [security2:error] [pid 2884:tid 2898] [client 196.188.112.213:2326] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.188.112.213 (+1 hits since last alert)|whatismetamodern.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "whatismetamodern.com"] [uri "/xmlrpc.php"] [unique_id "akX2W16u3s3W1isDhNGAngAAAMk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
integrantservices.com
2026-07-01 12:47:57
(1 week ago)
(wordpress) Failed wordpress login from 196.188.112.213 (ET/Ethiopia/-)
Brute-Force
π«π·
dynamix
2026-06-30 12:31:49
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
π²πΉ
Malta
2026-06-30 12:31:23
(1 week ago)
196.188.112.213 - - [30/Jun/2026:14:31:22 +0200] "POST /xmlrpc.php HTTP/1.1" "Jetpack by WordPress.c ...
show more
196.188.112.213 - - [30/Jun/2026:14:31:22 +0200] "POST /xmlrpc.php HTTP/1.1" "Jetpack by WordPress.com"
show less
Hacking
Web App Attack
π©πͺ
abdubhai
2026-06-30 12:03:05
(1 week ago)
196.188.112.213 - - [30/Jun/2026
...
Brute-Force
π©πͺ
NewWavesApp
2026-06-30 09:09:17
(1 week ago)
(wordpress) Failed wordpress login from 196.188.112.213 (ET/Ethiopia/-): (CF_ENABLE)
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-29 08:29:52
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 196.188.112.213 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 196.188.112.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 04:29:48.827958 2026] [security2:error] [pid 29101:tid 29101] [client 196.188.112.213:2185] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.188.112.213 (+1 hits since last alert)|evelynkay.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "evelynkay.com"] [uri "/xmlrpc.php"] [unique_id "akIs_PYvhoAsb83ury73EQAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¬π§
noise.agency
2026-06-29 08:29:40
(1 week ago)
(wordpress) Failed wordpress login from 196.188.112.213 (ET/Ethiopia/-)
Brute-Force
π«π·
masterguru
2026-06-29 06:14:40
(1 week ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking