๐ฌ๐ง
Apache
2026-07-10 15:06:41
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 41.173.37.99 (ZW/Zimbabwe/-): 5 in the last 300 ...
show more
(mod_security) mod_security (id:240335) triggered by 41.173.37.99 (ZW/Zimbabwe/-): 5 in the last 300 secs
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 14:38:50
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 41.173.37.99 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 41.173.37.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 10:38:45.875770 2026] [security2:error] [pid 31760:tid 31760] [client 41.173.37.99:12427] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.173.37.99 (+1 hits since last alert)|slattery-law.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "slattery-law.com"] [uri "/xmlrpc.php"] [unique_id "alED9bGCCAgwZ50lPgbyuwAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 12:07:46
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 41.173.37.99 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 41.173.37.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 08:07:41.206950 2026] [security2:error] [pid 20877:tid 20887] [client 41.173.37.99:8158] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.173.37.99 (+1 hits since last alert)|kemalinal.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kemalinal.com"] [uri "/xmlrpc.php"] [unique_id "ak49jQZsk9K8nAWUtcXvZQAAAMc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-06 12:22:09
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 41.173.37.99 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 41.173.37.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 06 08:22:01.504544 2026] [security2:error] [pid 25333:tid 25333] [client 41.173.37.99:13228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.173.37.99 (+1 hits since last alert)|thepercussionworks.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "thepercussionworks.com"] [uri "/xmlrpc.php"] [unique_id "akud6UQMZHLtnYQvRGNjYwAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
dynamix
2026-07-02 07:09:18
(1 week ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
Anonymous
2026-07-01 14:32:59
(1 week ago)
(wordpress) Failed wordpress login from 41.173.37.99 (ZW/Zimbabwe/-)
Brute-Force
๐ง๐ฌ
HighWay
2026-06-29 10:13:23
(1 week ago)
41.173.37.99 - - [29/Jun/2026:10:13:00 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4570 "-" "Jetpack/12.5 ...
show more
41.173.37.99 - - [29/Jun/2026:10:13:00 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4570 "-" "Jetpack/12.5; WordPress/6.3; http://site99227585.com"
41.173.37.99 - - [29/Jun/2026:10:13:10 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4570 "-" "Jetpack/12.1; WordPress/6.3; http://site59255651.com"
41.173.37.99 - - [29/Jun/2026:10:13:20 +0000] "POST /xmlrpc.php HTTP/1.1" 200 4568 "-" "Jetpack by WordPress.com"
...
show less
Brute-Force
๐ฆ๐บ
screwlooseit.com.au
2026-06-16 10:45:42
(3 weeks ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
ZA/South Africa/-
Web App Attack
๐ณ๐ฑ
wlt-blocker
2026-06-03 14:02:38
(1 month ago)
Unauthorized access to webpage admin
Web App Attack
๐ฑ๐ป
garmtech.com
2026-06-03 08:05:36
(1 month ago)
IM360 WAF: Rate limit exceeded for XMLRPC DoS
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 10:22:06
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 41.173.37.99 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 41.173.37.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 06:22:00.440070 2026] [security2:error] [pid 12609:tid 12609] [client 41.173.37.99:11580] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.173.37.99 (+1 hits since last alert)|digi-estudio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "digi-estudio.com"] [uri "/xmlrpc.php"] [unique_id "ah6uyHc1tfjc9TV7Go-BogAAACk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-02 09:43:01
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 41.173.37.99 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 41.173.37.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 05:42:54.431780 2026] [security2:error] [pid 20839:tid 20860] [client 41.173.37.99:3471] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.173.37.99 (+1 hits since last alert)|hmpdecors.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hmpdecors.com"] [uri "/xmlrpc.php"] [unique_id "ah6lnnZS8Dv6pKBYgPFoRQAAANM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฑ๐ป
garmtech.com
2026-06-01 08:34:18
(1 month ago)
IM360 WAF: Rate limit exceeded for XMLRPC DoS
Web App Attack
๐ซ๐ท
Kenshin869
2026-03-26 14:06:44
(3 months ago)
Wordpress unauthorized access attempt
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-03-23 06:16:39
(3 months ago)
(mod_security) mod_security (id:225170) triggered by 41.173.37.99 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 41.173.37.99 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 23 02:16:33.594801 2026] [security2:error] [pid 15259:tid 15259] [client 41.173.37.99:2748] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||speedgo.mx|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "speedgo.mx"] [uri "/wp-json/wp/v2/users"] [unique_id "acDawVXZYf-QeaRQJk5VMQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack