AbuseIPDB » 196.216.60.4
196.216.60.4
This IP was reported 9 times. Confidence of
Abuse
is 28% : ?
ISP
Paratus Telecommunications Limited
Usage Type
Fixed Line ISP
ASN
AS33763
Domain Name
paratus.africa
Country
π¦π΄
Angola
City
Cabinda, Cabinda
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 196.216.60.4 :
This IP address has been reported a total of
9
times from
8 distinct
sources.
196.216.60.4 was first reported on
August 27th 2025 , and the most recent report was
3 days ago
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
πΊπΈ
TPI-Abuse
2026-06-22 23:09:20
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 196.216.60.4 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 196.216.60.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 19:09:14.932957 2026] [security2:error] [pid 15906:tid 15906] [client 196.216.60.4:30151] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.216.60.4 (+1 hits since last alert)|superzilla.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "superzilla.com"] [uri "/xmlrpc.php"] [unique_id "ajnAmjsNkZjSDdx0_UzIywAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
2026-06-22 23:01:30
(3 days ago)
196.216.60.4 - - [23/Jun/2026:01:01:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by Wo ...
show more
196.216.60.4 - - [23/Jun/2026:01:01:03 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com"
196.216.60.4 - - [23/Jun/2026:01:01:06 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com"
196.216.60.4 - - [23/Jun/2026:01:01:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)"
196.216.60.4 - - [23/Jun/2026:01:01:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)"
196.216.60.4 - - [23/Jun/2026:01:01:28 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)"
...
show less
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-22 19:50:21
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 196.216.60.4 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 196.216.60.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 22 15:50:15.528990 2026] [security2:error] [pid 19987:tid 19987] [client 196.216.60.4:34812] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.216.60.4 (+1 hits since last alert)|beirutbazar.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "beirutbazar.com"] [uri "/xmlrpc.php"] [unique_id "ajmR984wXqC4i-9v_3YlQQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
SMARTNET
2026-05-27 06:03:53
(4 weeks ago)
Aisuru(Mirai variant) DDoS | Incident ID: 5b730afc-5cec-4742-843f-18085cc64e5c
DDoS Attack
πΊπΈ
RAP
2026-05-16 15:59:52
(1 month ago)
2026-05-16 15:59:52 UTC Unauthorized activity to TCP port 23. Telnet
Port Scan
πΊπΈ
MPL
2026-05-16 10:36:17
(1 month ago)
tcp/23 (4 or more attempts)
Port Scan
πΊπΈ
Cyber Crusader
2026-05-16 09:01:48
(1 month ago)
Hundreds of Attempts (at least) to Connect to and Access Firewall Ports
Port Scan
Hacking
Brute-Force
2026-04-19 11:39:28
(2 months ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
π³π±
exxos
2025-08-27 16:05:23
(9 months ago)
Attacks with Bad user agents
Hacking
Showing 1 to
9
of 9 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown π©
Recently Reported IPs: