JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 213.6.202.246

213.6.202.246 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 30%: ?

30%

ISP	Palestine Telecommunications Company (PALTEL)
Usage Type	Fixed Line ISP
ASN	AS12975
Domain Name	paltelgroup.ps
Country	🇵🇸 Palestine, State of
City	Nablus, West Bank

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 213.6.202.246

Whois 213.6.202.246

IP Abuse Reports for 213.6.202.246:

This IP address has been reported a total of 7 times from 4 distinct sources. 213.6.202.246 was first reported on June 10th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 rh24	2026-06-11 12:07:02 (2 days ago)	(xmlrpc_405) XMLRPC-Bot 405 213.6.202.246 (PS/Palestine/-)	Hacking
🇺🇸 TPI-Abuse	2026-06-11 11:31:19 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 213.6.202.246 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 213.6.202.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 07:31:16.052182 2026] [security2:error] [pid 32148:tid 32148] [client 213.6.202.246:55804] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 213.6.202.246 (+1 hits since last alert)\|nancyscafeandcatering.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "nancyscafeandcatering.com"] [uri "/xmlrpc.php"] [unique_id "aiqchILHY2r8kUSlLZrWXAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 11:15:13 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 213.6.202.246 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 213.6.202.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 07:15:09.425651 2026] [security2:error] [pid 24320:tid 24320] [client 213.6.202.246:59892] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 213.6.202.246 (+1 hits since last alert)\|gonzalez.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "gonzalez.com"] [uri "/xmlrpc.php"] [unique_id "aiqYvdUh96Qb5rtBLTWpzgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 05:56:18 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 213.6.202.246 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 213.6.202.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 01:56:11.148815 2026] [security2:error] [pid 2108:tid 2175] [client 213.6.202.246:51125] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 213.6.202.246 (+1 hits since last alert)\|woodamy.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "woodamy.com"] [uri "/xmlrpc.php"] [unique_id "aipN-y58TUYEociBGVEeNwAAAQc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-11 04:47:35 (2 days ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇺🇸 TPI-Abuse	2026-06-10 11:52:31 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 213.6.202.246 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 213.6.202.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 07:52:28.016722 2026] [security2:error] [pid 15872:tid 15872] [client 213.6.202.246:53900] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 213.6.202.246 (+1 hits since last alert)\|jaragoodrich.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "jaragoodrich.com"] [uri "/xmlrpc.php"] [unique_id "ailP_BnqqtZ3ca_n-g0Q4gAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-10 11:50:59 (3 days ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 51.79.99.235

🇳🇱 45.148.10.151

🇫🇷 207.180.223.44

🇺🇸 185.198.240.159

🇺🇸 162.216.149.19

🇬🇧 109.158.62.104

🇨🇦 104.255.152.18

🇬🇧 104.248.172.234

🇩🇪 104.248.18.1

🇵🇱 83.27.249.228

🇷🇺 82.146.45.91

🇰🇷 43.164.133.108

🇪🇸 185.176.8.77

🇺🇸 173.239.240.54

🇸🇬 104.248.158.135

🇸🇬 104.248.152.33

🇮🇩 103.154.231.122

🇫🇷 92.119.124.123

🇬🇪 91.151.136.224

🇨🇳 58.33.97.119