JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 41.40.98.80

41.40.98.80 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 85%: ?

85%

ISP	TE Data
Usage Type	Fixed Line ISP
ASN	AS8452
Domain Name	tedata.net
Country	🇪🇬 Egypt
City	Alexandria, Alexandria

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 41.40.98.80

Whois 41.40.98.80

IP Abuse Reports for 41.40.98.80:

This IP address has been reported a total of 21 times from 15 distinct sources. 41.40.98.80 was first reported on June 22nd 2026, and the most recent report was 7 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-26 13:04:43 (7 hours ago)	(mod_security) mod_security (id:240335) triggered by 41.40.98.80 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 41.40.98.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 09:04:38.134151 2026] [security2:error] [pid 3961:tid 3961] [client 41.40.98.80:54383] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.40.98.80 (+1 hits since last alert)\|yogawithbubba.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "yogawithbubba.com"] [uri "/xmlrpc.php"] [unique_id "aj545pfnLYGTEztFQaFYNQAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-26 09:34:10 (11 hours ago)	Attac	Brute-Force
🇩🇪 ger-stg-sifi1	2026-06-26 05:23:00 (15 hours ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
Anonymous	2026-06-26 03:37:12 (17 hours ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 13:21:14 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 41.40.98.80 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 41.40.98.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 09:21:09.471154 2026] [security2:error] [pid 31281:tid 31281] [client 41.40.98.80:54961] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.40.98.80 (+1 hits since last alert)\|konahawaii.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "konahawaii.com"] [uri "/xmlrpc.php"] [unique_id "aj0rRVj_MVkf_TFTZWxMEwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-25 12:50:27 (1 day ago)	(xmlrpc) Apache: Failed xmlrpc access from 41.40.98.80 (EG/Egypt/-): 10 in the last 3600 secs (0-201 ... show more (xmlrpc) Apache: Failed xmlrpc access from 41.40.98.80 (EG/Egypt/-): 10 in the last 3600 secs (0-201) show less	Hacking
🇺🇸 TPI-Abuse	2026-06-25 02:58:51 (1 day ago)	(mod_security) mod_security (id:240335) triggered by 41.40.98.80 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 41.40.98.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 22:58:47.877932 2026] [security2:error] [pid 20209:tid 20209] [client 41.40.98.80:59254] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.40.98.80 (+1 hits since last alert)\|caralis.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "caralis.com"] [uri "/xmlrpc.php"] [unique_id "ajyZZ0QJUPhyUSDLB05EtQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-24 11:51:15 (2 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇳🇱 debestelapp	2026-06-24 10:55:05 (2 days ago)		Web App Attack
🇫🇷 bazter.pro	2026-06-24 09:41:35 (2 days ago)	Fail2Ban: plesk-bot-aggressive - 15 failures	Port Scan Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 09:16:03 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 41.40.98.80 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 41.40.98.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 05:15:55.429318 2026] [security2:error] [pid 4158:tid 4158] [client 41.40.98.80:60609] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.40.98.80 (+1 hits since last alert)\|indiahouseportland.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "indiahouseportland.com"] [uri "/xmlrpc.php"] [unique_id "ajugS3Wr0fWdVQk_oPfDNAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 F242	2026-06-24 05:13:43 (2 days ago)	Wordpress Login or XMLRPC abuse	Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 13:14:16 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 41.40.98.80 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 41.40.98.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 09:14:11.680696 2026] [security2:error] [pid 18916:tid 18916] [client 41.40.98.80:52498] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.40.98.80 (+1 hits since last alert)\|canebrakes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "canebrakes.com"] [uri "/xmlrpc.php"] [unique_id "ajqGo-ZTINOMQLn9LMcZ1gAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-23 12:45:04 (3 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
Anonymous	2026-06-23 11:44:53 (3 days ago)	[redacted] 41.40.98.80 - - [23/Jun/2026:13:44:08 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jet ... show more [redacted] 41.40.98.80 - - [23/Jun/2026:13:44:08 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.4; http://site77048965.com" [redacted] 41.40.98.80 - - [23/Jun/2026:13:44:19 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 41.40.98.80 - - [23/Jun/2026:13:44:30 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" [redacted] 41.40.98.80 - - [23/Jun/2026:13:44:41 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.1; WordPress/6.3; http://site61547874.com" [redacted] 41.40.98.80 - - [23/Jun/2026:13:44:52 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com" ... show less	Hacking Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.175

🇺🇸 195.184.76.229

🇳🇱 195.178.110.228

🇷🇺 178.185.136.57

🇧🇷 177.135.223.123

🇨🇳 175.13.86.45

🇩🇪 167.94.145.16

🇯🇵 118.194.236.126

🇺🇸 66.132.186.199

🇮🇶 45.157.53.3

🇬🇧 35.203.211.152

🇯🇵 8.221.136.6

🇨🇳 223.109.252.149

🇧🇷 205.210.31.155

🇺🇸 185.88.103.172

🇧🇷 170.231.109.253

🇩🇪 167.94.146.63

🇸🇬 165.22.56.20

🇺🇸 162.216.149.198

🇲🇾 149.118.152.58