πΊπΈ
lostswordfish.com
2026-06-25 15:14:07
(4 days ago)
Wordfence waf block on 1105merrystreet
Web App Attack
Anonymous
2026-06-25 13:28:33
(4 days ago)
[server.tmg.gr] httpd-xmlrpc-post: sites=aidshep2018.gr; logs=/var/log/httpd/domains/aidshep2018.gr. ...
show more
[server.tmg.gr] httpd-xmlrpc-post: sites=aidshep2018.gr; logs=/var/log/httpd/domains/aidshep2018.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
π©πͺ
rh24
2026-06-25 05:05:19
(4 days ago)
(wordpress) Failed wordpress login from 41.60.160.123 (ZM/Zambia/-): (CF_ENABLE)
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-25 02:25:16
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 41.60.160.123 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 41.60.160.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 22:25:06.180804 2026] [security2:error] [pid 31255:tid 31255] [client 41.60.160.123:0] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.60.160.123 (+1 hits since last alert)|cloudex.click|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cloudex.click"] [uri "/xmlrpc.php"] [unique_id "ajyRgkyDUs4qAcfRc2gXLQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-06-25 01:19:58
(4 days ago)
(wordpress) Failed wordpress login from 41.60.160.123 (ZM/Zambia/-)
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-24 22:37:08
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 41.60.160.123 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 41.60.160.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 18:37:03.082727 2026] [security2:error] [pid 16423:tid 16425] [client 41.60.160.123:25841] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.60.160.123 (+1 hits since last alert)|sallykimmel.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sallykimmel.com"] [uri "/xmlrpc.php"] [unique_id "ajxcD6q48dXRO5uTNjfQggAAAQA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
Marc
2026-06-24 22:31:26
(4 days ago)
41.60.160.123 - - [25/Jun/2026:00:31:07 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3465 "-" "Jetpack by ...
show more
41.60.160.123 - - [25/Jun/2026:00:31:07 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3465 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)" 41.60.160.123 - - [25/Jun/2026:00:31:18 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3467 "-" "WordPress.com; https://wordpress.com" 41.60.160.123 - - [25/Jun/2026:00:31:25 +0200] "POST /xmlrpc.php HTTP/1.1" 403 3465 "-" "Jetpack/13.0; WordPress/6.1; http://site25554868.com"
show less
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-24 18:26:21
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 41.60.160.123 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 41.60.160.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 14:26:13.980411 2026] [security2:error] [pid 1703:tid 1703] [client 41.60.160.123:60608] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.60.160.123 (+1 hits since last alert)|christaylorjazzpianist.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "christaylorjazzpianist.com"] [uri "/xmlrpc.php"] [unique_id "ajwhRcL1seMCzS5plJSUtAAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-24 13:12:47
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 41.60.160.123 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 41.60.160.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 09:12:43.490474 2026] [security2:error] [pid 1213:tid 1213] [client 41.60.160.123:35555] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.60.160.123 (+1 hits since last alert)|hsoftwaresystems.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "hsoftwaresystems.net"] [uri "/xmlrpc.php"] [unique_id "ajvXy78ERL4VB8XX_lKf1gAAABo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¬π§
Apache
2026-06-24 12:49:44
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 41.60.160.123 (ZM/Zambia/-): 5 in the last 300 ...
show more
(mod_security) mod_security (id:240335) triggered by 41.60.160.123 (ZM/Zambia/-): 5 in the last 300 secs
show less
Brute-Force
Web App Attack
π«π·
masterguru
2026-06-24 11:43:40
(5 days ago)
xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)
Hacking
πΊπΈ
TPI-Abuse
2026-06-24 10:12:36
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 41.60.160.123 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 41.60.160.123 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 06:12:31.121972 2026] [security2:error] [pid 6196:tid 6196] [client 41.60.160.123:56318] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.60.160.123 (+1 hits since last alert)|pcga.golf|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pcga.golf"] [uri "/xmlrpc.php"] [unique_id "ajutj1ilz0glHln08GlmQAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π²πΎ
Rizzy
2026-06-24 08:08:24
(5 days ago)
Multiple WAF Violations
Brute-Force
Web App Attack
πͺπΈ
masterguru
2026-06-24 07:41:24
(5 days ago)
(xmlrpc) Failed xmlrpc access from 41.60.160.123 (ZA/South Africa/-): 5 in the last 3600 secs (0-122 ...
show more
(xmlrpc) Failed xmlrpc access from 41.60.160.123 (ZA/South Africa/-): 5 in the last 3600 secs (0-122)
show less
Hacking
π©πͺ
konseptit
2026-06-24 07:08:31
(5 days ago)
(wordpress) Failed wordpress login from 41.60.160.123 (ZM/Zambia/-)
Brute-Force