๐ธ๐ช
konseptit
2026-07-06 06:28:55
(1 day ago)
(wordpress) Failed wordpress login from 196.41.50.190 (TZ/Tanzania/-)
Brute-Force
๐ฉ๐ช
neckaralb-admin.de
2026-07-04 09:57:19
(2 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐ง๐ท
dominioz
2026-07-03 07:54:56
(3 days ago)
2026-07-03 07:53:50 POST /xmlrpc.php - - 196.41.50.190 HTTP/1.1 Jetpack+by+WordPress.com - 200 0
202 ...
show more
2026-07-03 07:53:50 POST /xmlrpc.php - - 196.41.50.190 HTTP/1.1 Jetpack+by+WordPress.com - 200 0
2026-07-03 07:53:55 POST /xmlrpc.php - - 196.41.50.190 HTTP/1.1 WordPress.com;+https://wordpress.com - 200 650
2026-07-03 07:54:06 POST /xmlrpc.php - - 196.41.50.190 HTTP/1.1 Jetpack/12.0;+WordPress/6.3;+http://site95463855.com - 200 650
2026-07-03 07:54:16 POST /xmlrpc.php - - 196.41.50.190 HTTP/1.1 Jetpack/13.0;+WordPress/6.1;+http://site59637911.com - 200 650
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 10:47:32
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 196.41.50.190 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 196.41.50.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 06:47:26.484545 2026] [security2:error] [pid 25704:tid 25704] [client 196.41.50.190:57676] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.41.50.190 (+1 hits since last alert)|esysapps.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "esysapps.com"] [uri "/xmlrpc.php"] [unique_id "akZBvgi9OHv4fRhUALXd0AAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 10:21:12
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 196.41.50.190 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 196.41.50.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 06:21:07.226423 2026] [security2:error] [pid 14408:tid 14408] [client 196.41.50.190:61632] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.41.50.190 (+1 hits since last alert)|cynosurephotography.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cynosurephotography.com"] [uri "/xmlrpc.php"] [unique_id "akY7kw3ONiJd0s0jlRhQqAAAAA4"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 05:13:48
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 196.41.50.190 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 196.41.50.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 01:13:40.536483 2026] [security2:error] [pid 14193:tid 14193] [client 196.41.50.190:56760] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.41.50.190 (+1 hits since last alert)|accommodation-perthairport.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "accommodation-perthairport.com"] [uri "/xmlrpc.php"] [unique_id "akXzhCFmNf38CM5EiFSAsAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 07:57:08
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 196.41.50.190 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 196.41.50.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 03:56:59.803282 2026] [security2:error] [pid 7956:tid 7956] [client 196.41.50.190:51655] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.41.50.190 (+1 hits since last alert)|rblep.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rblep.com"] [uri "/xmlrpc.php"] [unique_id "akTIS4MmX7ol64dLZsbSfAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-29 06:53:33
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 196.41.50.190 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 196.41.50.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 02:53:28.903001 2026] [security2:error] [pid 20568:tid 20568] [client 196.41.50.190:53480] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.41.50.190 (+1 hits since last alert)|kotelbarmitzvah.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kotelbarmitzvah.com"] [uri "/xmlrpc.php"] [unique_id "akIWaMGX2Papk_Xpr9ACogAAAGo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-29 05:51:38
(1 week ago)
(wordpress) Failed wordpress login from 196.41.50.190 (TZ/Tanzania/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-06-29 05:22:32
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 196.41.50.190 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 196.41.50.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 29 01:22:24.100688 2026] [security2:error] [pid 20669:tid 20669] [client 196.41.50.190:53185] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.41.50.190 (+1 hits since last alert)|odysseydogasporlari.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "odysseydogasporlari.com"] [uri "/xmlrpc.php"] [unique_id "akIBEBLGZbfzOztyPVRjbAAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-27 08:38:02
(1 week ago)
196.41.50.190 - - [27/Jun/2026:10:37:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by W ...
show more
196.41.50.190 - - [27/Jun/2026:10:37:42 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.4)"
196.41.50.190 - - [27/Jun/2026:10:37:41 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.4)"
196.41.50.190 - - [27/Jun/2026:10:37:50 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)"
196.41.50.190 - - [27/Jun/2026:10:37:51 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.3)"
196.41.50.190 - - [27/Jun/2026:10:38:02 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/13.0; WordPress/6.1; http://site31042670.com"
...
show less
Brute-Force
Web App Attack
๐ง๐ช
cmbplf
2026-06-25 11:10:20
(1 week ago)
2.131 requests from abuseipdb.com blacklisted IP (1yr3mos2w)
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-06-25 07:25:15
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 196.41.50.190 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 196.41.50.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 03:25:09.699247 2026] [security2:error] [pid 13446:tid 13446] [client 196.41.50.190:59694] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.41.50.190 (+1 hits since last alert)|dwightbrown.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dwightbrown.com"] [uri "/xmlrpc.php"] [unique_id "ajzX1fMelIywUwdvtHGPAgAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-24 13:11:47
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 196.41.50.190 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 196.41.50.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 09:11:39.067062 2026] [security2:error] [pid 1213:tid 1213] [client 196.41.50.190:64432] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.41.50.190 (+1 hits since last alert)|johncyphers.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "johncyphers.com"] [uri "/xmlrpc.php"] [unique_id "ajvXi78ERL4VB8XX_lKfyQAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
bigwavedave
2026-06-24 12:39:04
(1 week ago)
Wordpress Attack
Web App Attack