๐น๐ท
Ted Mayers
2026-05-30 20:41:13
(1 month ago)
DROP_INPUT detected 98 times on IPFire, port 51413
Brute-Force
๐ง๐ท
ICS Labs
2026-05-25 13:30:50
(1 month ago)
ICS Labs identified 197.188.132.218 as a malicious indicator from threat intelligence.
DDoS Attack
Hacking
Exploited Host
๐ฟ๐ฆ
maximonline.co.za
2026-05-22 13:09:45
(1 month ago)
Brute Force IMAP AUTH Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-05-15 14:31:32
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 197.188.132.218 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:210492) triggered by 197.188.132.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 10:31:24.825263 2026] [security2:error] [pid 3734:tid 3734] [client 197.188.132.218:21488] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/composer.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.et.lobibilisim.com"] [uri "/vendor/sebastian/environment/composer.json"] [unique_id "agcuPDUhf5GTuxQNIqm-DwAAAAI"], referer: https://www.et.lobibilisim.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
Agrohim
2026-04-25 00:44:02
(2 months ago)
Gate Inet blocked for categories:
DDoS Attack
Ping of Death
Port Scan
Hacking
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-04-20 14:47:32
(2 months ago)
(mod_security) mod_security (id:240335) triggered by 197.188.132.218 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 197.188.132.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 20 10:47:24.954765 2026] [security2:error] [pid 3749447:tid 3749447] [client 197.188.132.218:19980] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.188.132.218 (+1 hits since last alert)|centrodentalsindolor.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "centrodentalsindolor.com"] [uri "/xmlrpc.php"] [unique_id "aeY8fPReeQT9IQabPve-5wAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
applemooz
2026-04-18 13:27:19
(2 months ago)
WordPress XMLRPC Brute Force Attacks
...
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-18 13:26:26
(2 months ago)
(mod_security) mod_security (id:240335) triggered by 197.188.132.218 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 197.188.132.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 09:26:20.147556 2026] [security2:error] [pid 7301:tid 7314] [client 197.188.132.218:32471] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.188.132.218 (+1 hits since last alert)|smarterproductions.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "smarterproductions.com"] [uri "/xmlrpc.php"] [unique_id "aeOGfDYn9u21asKime1Y2gAAAMk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-18 11:39:03
(2 months ago)
(mod_security) mod_security (id:240335) triggered by 197.188.132.218 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 197.188.132.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 07:38:52.385440 2026] [security2:error] [pid 3794547:tid 3794547] [client 197.188.132.218:30360] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.188.132.218 (+1 hits since last alert)|4115thewestford.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "4115thewestford.com"] [uri "/xmlrpc.php"] [unique_id "aeNtTAN7dszo6IEFQVMmlAAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-16 07:13:04
(3 months ago)
(mod_security) mod_security (id:240335) triggered by 197.188.132.218 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 197.188.132.218 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 16 03:12:55.696837 2026] [security2:error] [pid 27529:tid 27529] [client 197.188.132.218:28725] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 197.188.132.218 (+1 hits since last alert)|bzbdesigns.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bzbdesigns.com"] [uri "/xmlrpc.php"] [unique_id "aeCL99IfbAdpCbeDX_-7_QAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ท๐บ
Agrohim
2026-04-15 00:06:02
(3 months ago)
Gate Inet blocked for categories:
DDoS Attack
Ping of Death
Port Scan
Hacking
Brute-Force
๐ซ๐ท
Kenshin869
2026-04-14 12:04:53
(3 months ago)
Wordpress unauthorized access attempt
Brute-Force
๐ซ๐ท
SpaceHost-Server
2026-04-12 21:40:48
(3 months ago)
197.188.132.218 - - [12/Apr/2026:23:40:27 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4985 "-" "Jetpack/1 ...
show more
197.188.132.218 - - [12/Apr/2026:23:40:27 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4985 "-" "Jetpack/12.1; WordPress/6.3; http://site42103568.com"
197.188.132.218 - - [12/Apr/2026:23:40:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4985 "-" "WordPress.com; https://wordpress.com"
197.188.132.218 - - [12/Apr/2026:23:40:47 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4985 "-" "Jetpack/12.0; WordPress/6.4; http://site16255930.com"
show less
Hacking
Web App Attack
Anonymous
2026-02-27 00:41:41
(4 months ago)
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to ...
show more
Distributed web crawl botnet attack (like Mellowtel), likely illicit scraping of AI training data to bypass firewall/robots.txt restrictions in printer-friendly.asp
show less
Exploited Host
Bad Web Bot
๐จ๐ญ
backslash
2026-02-24 17:18:00
(4 months ago)
block ruleset 3D3AFA921A373ECE19B6BA285C2D722163304638
Bad Web Bot