๐บ๐ธ
integrantservices.com
2026-07-17 08:24:04
(22 hours ago)
(wordpress) Failed wordpress login from 41.221.84.166 (UG/Uganda/-)
Brute-Force
Anonymous
2026-07-15 06:55:28
(3 days ago)
[redacted] 41.221.84.166 - - [15/Jul/2026:08:54:45 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 41.221.84.166 - - [15/Jul/2026:08:54:45 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.5; WordPress 6.1)"
[redacted] 41.221.84.166 - - [15/Jul/2026:08:54:56 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)"
[redacted] 41.221.84.166 - - [15/Jul/2026:08:55:06 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 41.221.84.166 - - [15/Jul/2026:08:55:17 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 41.221.84.166 - - [15/Jul/2026:08:55:27 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
...
show less
Hacking
Web App Attack
Anonymous
2026-07-14 15:27:21
(3 days ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 12:16:52
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 41.221.84.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 41.221.84.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 08:16:49.486832 2026] [security2:error] [pid 729050:tid 729050] [client 41.221.84.166:60584] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.221.84.166 (+1 hits since last alert)|t9teamsportinggoods.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "t9teamsportinggoods.com"] [uri "/xmlrpc.php"] [unique_id "alYosTZyY4zrgatWVhQn2QAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 11:02:26
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 41.221.84.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 41.221.84.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 07:02:21.418865 2026] [security2:error] [pid 4010:tid 4052] [client 41.221.84.166:61400] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.221.84.166 (+1 hits since last alert)|ethicmark.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ethicmark.org"] [uri "/xmlrpc.php"] [unique_id "alYXPVYrpuOCe7HOp8ZbKwAAAMU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 10:33:22
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 41.221.84.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 41.221.84.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 14 06:33:15.431438 2026] [security2:error] [pid 1654:tid 1654] [client 41.221.84.166:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.221.84.166 (+1 hits since last alert)|bradleybarefoot.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bradleybarefoot.com"] [uri "/xmlrpc.php"] [unique_id "alYQazVSUNPWRmgqKOzmagAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-14 10:29:05
(3 days ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-13 12:15:24
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 41.221.84.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 41.221.84.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 08:15:18.147915 2026] [security2:error] [pid 1172:tid 1172] [client 41.221.84.166:63696] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.221.84.166 (+1 hits since last alert)|wwfstudio.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wwfstudio.com"] [uri "/xmlrpc.php"] [unique_id "alTW1jIwZdwDOylsBUtvAQAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-10 12:12:01
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 41.221.84.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 41.221.84.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 08:11:54.153580 2026] [security2:error] [pid 16881:tid 16881] [client 41.221.84.166:54971] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.221.84.166 (+1 hits since last alert)|ucommsi.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ucommsi.com"] [uri "/xmlrpc.php"] [unique_id "alDhit4Dac42_W2d4yk-vwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-07-10 11:42:18
(1 week ago)
(xmlrpc) Failed xmlrpc access from 41.221.84.166 (UG/Uganda/-): 5 in the last 3600 secs (0-122)
Hacking
๐บ๐ธ
nationaleventpros.com
2026-07-10 11:38:21
(1 week ago)
WordPress login attempt
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-10 11:11:43
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 41.221.84.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 41.221.84.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 07:11:36.575791 2026] [security2:error] [pid 2048:tid 2048] [client 41.221.84.166:58276] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.221.84.166 (+1 hits since last alert)|camasmarket.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "camasmarket.com"] [uri "/xmlrpc.php"] [unique_id "alDTaPqJOoDJkjXMYVMPDAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 07:45:10
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 41.221.84.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 41.221.84.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 03:45:02.764434 2026] [security2:error] [pid 21803:tid 21803] [client 41.221.84.166:55599] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.221.84.166 (+1 hits since last alert)|localpetsitters.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "localpetsitters.com"] [uri "/xmlrpc.php"] [unique_id "ak3__tifOXIBQv-MYavI3gAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-08 07:13:58
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 41.221.84.166 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 41.221.84.166 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 08 03:13:53.523619 2026] [security2:error] [pid 13244:tid 13244] [client 41.221.84.166:59031] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.221.84.166 (+1 hits since last alert)|soonerstone.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "soonerstone.com"] [uri "/xmlrpc.php"] [unique_id "ak34saWOzPtFsZvvCLtDmgAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-07-08 06:11:26
(1 week ago)
(xmlrpc) Failed xmlrpc access from 41.221.84.166 (UG/Uganda/-): 5 in the last 3600 secs (0-122)
Hacking