๐บ๐ธ
TPI-Abuse
2026-07-03 05:08:05
(11 minutes ago)
(mod_security) mod_security (id:240335) triggered by 213.76.58.97 (213.76.58.97.ipv4.supernova.orang ...
show more
(mod_security) mod_security (id:240335) triggered by 213.76.58.97 (213.76.58.97.ipv4.supernova.orange.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 01:07:57.638091 2026] [security2:error] [pid 17481:tid 17481] [client 213.76.58.97:50670] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.76.58.97 (+1 hits since last alert)|shannonraevocalstudio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "shannonraevocalstudio.com"] [uri "/xmlrpc.php"] [unique_id "akdDrWt3GbkeGWiDFaoqJQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฒ๐พ
Rizzy
2026-07-03 04:31:45
(47 minutes ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-03 02:31:15
(2 hours ago)
(mod_security) mod_security (id:240335) triggered by 213.76.58.97 (213.76.58.97.ipv4.supernova.orang ...
show more
(mod_security) mod_security (id:240335) triggered by 213.76.58.97 (213.76.58.97.ipv4.supernova.orange.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 22:31:08.154661 2026] [security2:error] [pid 3565:tid 3565] [client 213.76.58.97:63782] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.76.58.97 (+1 hits since last alert)|thebrotherhoodlounge.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thebrotherhoodlounge.com"] [uri "/xmlrpc.php"] [unique_id "akce7Bz3qnTtQKNzrS6_lAAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
debestelapp
2026-07-02 23:10:07
(6 hours ago)
Web App Attack
Anonymous
2026-07-02 22:06:05
(7 hours ago)
Trying to access config files
Web App Attack
๐ฉ๐ช
rh24
2026-07-02 21:52:33
(7 hours ago)
(wordpress) Failed wordpress login from 213.76.58.97 (PL/Poland/213.76.58.97.ipv4.supernova.orange.p ...
show more
(wordpress) Failed wordpress login from 213.76.58.97 (PL/Poland/213.76.58.97.ipv4.supernova.orange.pl): (CF_ENABLE)
show less
Brute-Force
๐ฌ๐ง
Steve
2026-07-02 20:39:42
(8 hours ago)
Abuse of XMLRPC
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-02 02:13:03
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 213.76.58.97 (213.76.58.97.ipv4.supernova.orang ...
show more
(mod_security) mod_security (id:240335) triggered by 213.76.58.97 (213.76.58.97.ipv4.supernova.orange.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 22:12:56.554594 2026] [security2:error] [pid 22448:tid 22448] [client 213.76.58.97:51118] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.76.58.97 (+1 hits since last alert)|margroberts.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "margroberts.com"] [uri "/xmlrpc.php"] [unique_id "akXJKFwwyk_-psH3kjb_UgAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-02 02:11:28
(1 day ago)
Repeated wp-login/xmlrpc attempts
Brute-Force
SSH
๐ฒ๐พ
Rizzy
2026-07-02 01:18:34
(1 day ago)
Multiple WAF Violations
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 23:48:35
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 213.76.58.97 (213.76.58.97.ipv4.supernova.orang ...
show more
(mod_security) mod_security (id:240335) triggered by 213.76.58.97 (213.76.58.97.ipv4.supernova.orange.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 19:48:30.382311 2026] [security2:error] [pid 31664:tid 31705] [client 213.76.58.97:56924] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.76.58.97 (+1 hits since last alert)|hooknpatch.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hooknpatch.com"] [uri "/xmlrpc.php"] [unique_id "akWnTngjfdiXUEg29KhxCwAAAIo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 21:15:00
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 213.76.58.97 (213.76.58.97.ipv4.supernova.orang ...
show more
(mod_security) mod_security (id:240335) triggered by 213.76.58.97 (213.76.58.97.ipv4.supernova.orange.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 17:14:53.511112 2026] [security2:error] [pid 4258:tid 4258] [client 213.76.58.97:64820] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.76.58.97 (+1 hits since last alert)|ideaofauniversity.website|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ideaofauniversity.website"] [uri "/xmlrpc.php"] [unique_id "akWDTbmPc6TwJmEOHJ9ffwAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
WeekendWeb
2026-07-01 20:10:36
(1 day ago)
Wordpress Vunerability attack
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-01 04:55:29
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 213.76.58.97 (213.76.58.97.ipv4.supernova.orang ...
show more
(mod_security) mod_security (id:240335) triggered by 213.76.58.97 (213.76.58.97.ipv4.supernova.orange.pl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 01 00:55:26.355916 2026] [security2:error] [pid 25235:tid 25235] [client 213.76.58.97:59366] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 213.76.58.97 (+1 hits since last alert)|lighthousescm.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "lighthousescm.com"] [uri "/xmlrpc.php"] [unique_id "akSdvibOV8rlHPQXCYvjMQAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Marc
2026-07-01 01:33:10
(2 days ago)
213.76.58.97 - - [01/Jul/2026:03:32:48 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3467 "-" "Jetpack by W ...
show more
213.76.58.97 - - [01/Jul/2026:03:32:48 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3467 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)" 213.76.58.97 - - [01/Jul/2026:03:32:59 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3465 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)" 213.76.58.97 - - [01/Jul/2026:03:33:09 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3466 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)"
show less
Brute-Force
Web App Attack