๐ช๐ธ
masterguru
2026-07-07 06:11:30
(1 day ago)
(xmlrpc) Failed xmlrpc access from 196.65.216.243 (MA/Morocco/-): 5 in the last 3600 secs (0-122)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-07 02:06:22
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 196.65.216.243 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 196.65.216.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 22:06:16.304611 2026] [security2:error] [pid 29839:tid 29839] [client 196.65.216.243:50688] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.65.216.243 (+1 hits since last alert)|goseethenurse.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "goseethenurse.com"] [uri "/xmlrpc.php"] [unique_id "akxfGPFqLcG1ZCpkGKhkPQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-07 01:36:27
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 196.65.216.243 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 196.65.216.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 21:36:22.038821 2026] [security2:error] [pid 11385:tid 11385] [client 196.65.216.243:58825] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.65.216.243 (+1 hits since last alert)|stinsonbeachsurfandkayak.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stinsonbeachsurfandkayak.com"] [uri "/xmlrpc.php"] [unique_id "akxYFpAKev0swb6l_sUnsgAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 23:42:52
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 196.65.216.243 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 196.65.216.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 19:42:44.319351 2026] [security2:error] [pid 10989:tid 10989] [client 196.65.216.243:52655] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.65.216.243 (+1 hits since last alert)|newhopepetgrooming.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "newhopepetgrooming.com"] [uri "/xmlrpc.php"] [unique_id "akw9dIEpHXfgSRUFSsPnIQAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 23:13:21
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 196.65.216.243 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 196.65.216.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 19:13:17.590569 2026] [security2:error] [pid 14949:tid 14949] [client 196.65.216.243:64860] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.65.216.243 (+1 hits since last alert)|celebritybikinigossip.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "celebritybikinigossip.com"] [uri "/xmlrpc.php"] [unique_id "akw2jT5QIUmmTmdZasK-4AAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
integrantservices.com
2026-07-06 22:08:17
(2 days ago)
(wordpress) Failed wordpress login from 196.65.216.243 (MA/Morocco/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-06 21:09:16
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 196.65.216.243 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 196.65.216.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 17:09:09.777260 2026] [security2:error] [pid 24695:tid 24695] [client 196.65.216.243:65439] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.65.216.243 (+1 hits since last alert)|stacyfarm.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stacyfarm.com"] [uri "/xmlrpc.php"] [unique_id "akwZddBntC2q7_whCqlV9QAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 20:38:19
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 196.65.216.243 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 196.65.216.243 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 16:38:13.258044 2026] [security2:error] [pid 6407:tid 6407] [client 196.65.216.243:58177] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 196.65.216.243 (+1 hits since last alert)|opticasprisma.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "opticasprisma.com"] [uri "/xmlrpc.php"] [unique_id "akwSNRbPj_k5kgl5rHiSmQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack