๐บ๐ธ
TPI-Abuse
2026-07-04 22:41:44
(2 hours ago)
(mod_security) mod_security (id:240335) triggered by 141.98.142.185 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 141.98.142.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 18:41:40.067651 2026] [security2:error] [pid 14954:tid 14954] [client 141.98.142.185:48803] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 141.98.142.185 (+1 hits since last alert)|yogawithbubba.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "yogawithbubba.com"] [uri "/xmlrpc.php"] [unique_id "akmMJHV3smqpev2Li-TxzAAAABA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-04 22:04:28
(3 hours ago)
141.98.142.185 - - [05/Jul/2026:00:04:05 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12. ...
show more
141.98.142.185 - - [05/Jul/2026:00:04:05 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12.1; WordPress/6.4; http://site44715141.com"
141.98.142.185 - - [05/Jul/2026:00:04:07 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack/12.1; WordPress/6.4; http://site44715141.com"
141.98.142.185 - - [05/Jul/2026:00:04:15 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "WordPress.com; https://wordpress.com"
141.98.142.185 - - [05/Jul/2026:00:04:16 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "WordPress.com; https://wordpress.com"
141.98.142.185 - - [05/Jul/2026:00:04:26 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12.0; WordPress/6.3; http://site86109977.com"
...
show less
Brute-Force
Web App Attack
๐ช๐ธ
alferez
2026-07-04 21:11:21
(4 hours ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 19:22:28
(5 hours ago)
(mod_security) mod_security (id:240335) triggered by 141.98.142.185 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 141.98.142.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 15:22:25.012138 2026] [security2:error] [pid 19594:tid 19594] [client 141.98.142.185:59875] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 141.98.142.185 (+1 hits since last alert)|dragonflytunes.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dragonflytunes.com"] [uri "/xmlrpc.php"] [unique_id "akldcRP3bD4UTWXDBIbs8gAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 18:52:49
(6 hours ago)
(mod_security) mod_security (id:240335) triggered by 141.98.142.185 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 141.98.142.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 14:52:44.821286 2026] [security2:error] [pid 15438:tid 15438] [client 141.98.142.185:8082] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 141.98.142.185 (+1 hits since last alert)|havilahmalone.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "havilahmalone.com"] [uri "/xmlrpc.php"] [unique_id "aklWfLxCmB4l17N7PHNAHQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-04 15:45:23
(9 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-04 15:07:07
(10 hours ago)
(mod_security) mod_security (id:240335) triggered by 141.98.142.185 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 141.98.142.185 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 11:07:02.542434 2026] [security2:error] [pid 25813:tid 25813] [client 141.98.142.185:13357] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 141.98.142.185 (+1 hits since last alert)|rodandreelpiercam.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "rodandreelpiercam.com"] [uri "/xmlrpc.php"] [unique_id "akkhlmLywFMDzf46QvDz4AAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ธ๐ฌ
mypatricks
2026-06-06 01:36:07
(4 weeks ago)
141.98.142.185 | Port: 12256 | DNS: 172.58.134.99 2026-06-06T09:36:05+08:00 Europe/Tirane | FETCH Sp ...
show more
141.98.142.185 | Port: 12256 | DNS: 172.58.134.99 2026-06-06T09:36:05+08:00 Europe/Tirane | FETCH Sproofing Activity Detetced. | UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 HTTP/1.1 443 GET | URL: /contents/jquery-code/?daeedbeacb | Ref: - | Country: AL/Albania/+01:00 IP City: Durrรซs a073af238d3fe231-MRS/Marseille, France 2 hits/3 secs Robots 1
show less
Brute-Force
Web App Attack
Blog Spam
Web Spam
Exploited Host
๐ฉ๐ช
SMARTNET
2026-05-27 06:03:53
(1 month ago)
Aisuru(Mirai variant) DDoS | Incident ID: 5b730afc-5cec-4742-843f-18085cc64e5c
DDoS Attack
๐ฎ๐น
A000Z
2026-04-14 00:42:03
(2 months ago)
Fail2Ban: 141.98.142.185 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5 ...
show more
Fail2Ban: 141.98.142.185 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36
show less
Bad Web Bot
๐บ๐ธ
SiliSoftware
2026-04-02 04:00:33
(3 months ago)
/phpBB3/viewtopic.php?f=22&t=884&sid=5e435dff7782bc7a206693411751ce3c
Web App Attack
๐จ๐ฆ
polycoda
2026-01-23 19:15:19
(5 months ago)
๐ฅถ Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27
DDoS Attack
Anonymous
2026-01-16 21:30:49
(5 months ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
๐ฉ๐ช
SMARTNET
2025-11-30 18:38:00
(7 months ago)
Aisuru(Mirai variant) DDoS
DDoS Attack
Anonymous
2025-11-18 07:29:51
(7 months ago)
scanning http requests from known botnet
Web App Attack