πΊπΈ
TPI-Abuse
2026-06-29 13:10:14
(18 hours ago)
(mod_security) mod_security (id:240335) triggered by 196.191.184.252 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 196.191.184.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 09:10:09.653681 2026] [security2:error] [pid 9297:tid 9297] [client 196.191.184.252:53620] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.191.184.252 (+1 hits since last alert)|bickleton.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bickleton.org"] [uri "/xmlrpc.php"] [unique_id "akJusfQtlsD4TGNGajxcnwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
Lunix
2026-06-29 10:32:45
(21 hours ago)
Brute-Force
Web App Attack
π«π·
dynamix
2026-06-29 10:32:33
(21 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
πͺπΈ
masterguru
2026-06-29 07:31:05
(1 day ago)
(xmlrpc) Failed xmlrpc access from 196.191.184.252 (ET/Ethiopia/-): 5 in the last 3600 secs (0-122)
Hacking
πΊπΈ
TPI-Abuse
2026-06-26 13:26:26
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 196.191.184.252 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 196.191.184.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 09:26:23.070932 2026] [security2:error] [pid 29144:tid 29144] [client 196.191.184.252:8970] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.191.184.252 (+1 hits since last alert)|superzilla.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "superzilla.com"] [uri "/xmlrpc.php"] [unique_id "aj59_xk0TB9u4x7qAlww5AAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-26 12:57:14
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 196.191.184.252 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 196.191.184.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 08:57:07.602548 2026] [security2:error] [pid 16749:tid 16779] [client 196.191.184.252:46141] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.191.184.252 (+1 hits since last alert)|cynosureinternetservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cynosureinternetservices.com"] [uri "/xmlrpc.php"] [unique_id "aj53I-FlliUPKA8-l4uaqwAAAJY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
dynamix
2026-06-26 12:53:57
(3 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-26 11:55:13
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 196.191.184.252 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 196.191.184.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 07:55:05.673555 2026] [security2:error] [pid 6857:tid 6857] [client 196.191.184.252:13177] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.191.184.252 (+1 hits since last alert)|legacy-insight.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "legacy-insight.com"] [uri "/xmlrpc.php"] [unique_id "aj5omV3Zklhej1jmlAASQgAAAB0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-26 06:16:20
(4 days ago)
(mod_security) mod_security (id:225170) triggered by 196.191.184.252 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:225170) triggered by 196.191.184.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 02:16:16.344677 2026] [security2:error] [pid 24042:tid 24042] [client 196.191.184.252:23328] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||lakependoreillemobility.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "lakependoreillemobility.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aj4ZMBsiWBtUIalmJmbDfAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
Site.eu
2026-06-23 07:09:48
(1 week ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
π©πͺ
konseptit
2026-06-19 13:29:36
(1 week ago)
(wordpress) Failed wordpress login from 196.191.184.252 (ET/Ethiopia/-)
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-19 11:27:54
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 196.191.184.252 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 196.191.184.252 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 07:27:47.472697 2026] [security2:error] [pid 22022:tid 22022] [client 196.191.184.252:9302] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.191.184.252 (+1 hits since last alert)|yogawithbubba.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "yogawithbubba.com"] [uri "/xmlrpc.php"] [unique_id "ajUnsy1ujyZf56H4kwKSrQAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
dynamix
2026-06-19 07:09:51
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
π«π·
masterguru
2026-06-19 06:40:03
(1 week ago)
(xmlrpc) Apache: Failed xmlrpc access from 196.191.184.252 (ET/Ethiopia/-): 10 in the last 3600 secs ...
show more
(xmlrpc) Apache: Failed xmlrpc access from 196.191.184.252 (ET/Ethiopia/-): 10 in the last 3600 secs (0-201)
show less
Hacking
πͺπΈ
masterguru
2026-06-19 05:42:09
(1 week ago)
(xmlrpc) Failed xmlrpc access from 196.191.184.252 (ET/Ethiopia/-): 5 in the last 3600 secs (0-122)
Hacking