๐บ๐ธ
TPI-Abuse
2026-07-13 13:02:11
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 197.133.16.94 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 197.133.16.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 09:02:06.872243 2026] [security2:error] [pid 6481:tid 6481] [client 197.133.16.94:64039] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.133.16.94 (+1 hits since last alert)|sacoriverjazz.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sacoriverjazz.org"] [uri "/xmlrpc.php"] [unique_id "alThziXad68rf_mHsTRcYwAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TAY
2026-07-13 12:17:43
(3 days ago)
197.133.16.94 - - [13/Jul/2026:20:17:20 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5967 "-" "Jetpack by ...
show more
197.133.16.94 - - [13/Jul/2026:20:17:20 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5967 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.4)"
197.133.16.94 - - [13/Jul/2026:20:17:30 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5967 "-" "WordPress.com; https://wordpress.com"
197.133.16.94 - - [13/Jul/2026:20:17:41 +0800] "POST /xmlrpc.php HTTP/1.1" 200 5967 "-" "WordPress.com; https://wordpress.com"
...
show less
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-13 11:49:37
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 197.133.16.94 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 197.133.16.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 07:49:30.232592 2026] [security2:error] [pid 12926:tid 12926] [client 197.133.16.94:65280] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.133.16.94 (+1 hits since last alert)|tell-me-first.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "tell-me-first.com"] [uri "/xmlrpc.php"] [unique_id "alTQykfgvnAB-cCUnzXmRwAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 11:18:20
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 197.133.16.94 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 197.133.16.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 07:18:16.787997 2026] [security2:error] [pid 22187:tid 22187] [client 197.133.16.94:53321] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.133.16.94 (+1 hits since last alert)|caddydad.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "caddydad.com"] [uri "/xmlrpc.php"] [unique_id "alTJeLyaIIr3iKZHAAd22AAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-13 11:17:12
(3 days ago)
(wordpress) Failed wordpress login from 197.133.16.94 (EG/Egypt/-)
Brute-Force
๐ช๐ธ
masterguru
2026-07-13 10:15:59
(3 days ago)
(xmlrpc) Failed xmlrpc access from 197.133.16.94 (EG/Egypt/-): 5 in the last 3600 secs (0-122)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-13 09:45:06
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 197.133.16.94 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 197.133.16.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 05:45:02.136250 2026] [security2:error] [pid 27574:tid 27574] [client 197.133.16.94:54555] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.133.16.94 (+1 hits since last alert)|consolidatedoperationsgroup.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "consolidatedoperationsgroup.com"] [uri "/xmlrpc.php"] [unique_id "alSznif4VjM-pDNDesZ9wAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
IndigoRidge
2026-07-13 09:30:13
(3 days ago)
197.133.16.94 - - [13/Jul/2026:05:28:58 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5266 "-" "WordPress.c ...
show more
197.133.16.94 - - [13/Jul/2026:05:28:58 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5266 "-" "WordPress.com; https://wordpress.com"
197.133.16.94 - - [13/Jul/2026:05:29:19 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5266 "-" "WordPress.com; https://wordpress.com"
197.133.16.94 - - [13/Jul/2026:05:29:51 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5266 "-" "WordPress.com; https://wordpress.com"
197.133.16.94 - - [13/Jul/2026:05:30:02 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5266 "-" "WordPress.com; https://wordpress.com"
197.133.16.94 - - [13/Jul/2026:05:30:13 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5266 "-" "WordPress.com; https://wordpress.com"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 08:43:44
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 197.133.16.94 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 197.133.16.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 04:43:38.308660 2026] [security2:error] [pid 11224:tid 11224] [client 197.133.16.94:50836] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.133.16.94 (+1 hits since last alert)|soundtrax.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "soundtrax.net"] [uri "/xmlrpc.php"] [unique_id "alSlOqxjlSS_nLH9SFVlrQAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
IndigoRidge
2026-07-13 07:44:50
(3 days ago)
197.133.16.94 - - [13/Jul/2026:03:42:11 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5768 "-" "WordPress.c ...
show more
197.133.16.94 - - [13/Jul/2026:03:42:11 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5768 "-" "WordPress.com; https://wordpress.com"
197.133.16.94 - - [13/Jul/2026:03:43:04 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5768 "-" "WordPress.com; https://wordpress.com"
197.133.16.94 - - [13/Jul/2026:03:44:06 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5768 "-" "WordPress.com; https://wordpress.com"
197.133.16.94 - - [13/Jul/2026:03:44:17 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5768 "-" "WordPress.com; https://wordpress.com"
197.133.16.94 - - [13/Jul/2026:03:44:49 -0400] "POST /xmlrpc.php HTTP/1.0" 403 5768 "-" "WordPress.com; https://wordpress.com"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 06:41:21
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 197.133.16.94 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 197.133.16.94 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 02:41:12.995078 2026] [security2:error] [pid 2010:tid 2010] [client 197.133.16.94:62647] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.133.16.94 (+1 hits since last alert)|eftekharschool.ir|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "eftekharschool.ir"] [uri "/xmlrpc.php"] [unique_id "alSIiKwncq_cnIFGTgT2BAAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack