๐บ๐ธ
TPI-Abuse
2026-07-18 17:01:17
(3 hours ago)
(mod_security) mod_security (id:240335) triggered by 41.60.165.102 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 41.60.165.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 13:01:10.119372 2026] [security2:error] [pid 3652:tid 3652] [client 41.60.165.102:19583] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.60.165.102 (+1 hits since last alert)|fundingangelinvestors.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fundingangelinvestors.com"] [uri "/xmlrpc.php"] [unique_id "aluxVnif1IOy3QOk5ZYiwAAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
masterguru
2026-07-18 15:25:29
(4 hours ago)
(xmlrpc) Apache: Failed xmlrpc access from 41.60.165.102 (MU/Mauritius/-): 10 in the last 3600 secs ...
show more
(xmlrpc) Apache: Failed xmlrpc access from 41.60.165.102 (MU/Mauritius/-): 10 in the last 3600 secs (0-201)
show less
Hacking
๐ฉ๐ช
LRob
2026-07-18 15:24:49
(4 hours ago)
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: /xmlrpc.php | UA: Jetpack by WordPress.co ...
show more
CrowdSec: crowdsecurity/http-bf-wordpress_bf_xmlrpc | req: /xmlrpc.php | UA: Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)
show less
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-07-18 12:39:08
(7 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 10:07:22
(9 hours ago)
(mod_security) mod_security (id:240335) triggered by 41.60.165.102 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 41.60.165.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 18 06:07:14.445322 2026] [security2:error] [pid 52361:tid 52361] [client 41.60.165.102:61406] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.60.165.102 (+1 hits since last alert)|bluesbluff.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bluesbluff.com"] [uri "/xmlrpc.php"] [unique_id "altQUk0eMlzdERHRmdEGzQAAACQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
SweetHoneyPress
2026-07-18 03:43:26
(16 hours ago)
WordPress honeypot: POST to /xmlrpc.php | event_id=1062619 | UA: Jetpack/12.5; WordPress/6.1; http:/ ...
show more
WordPress honeypot: POST to /xmlrpc.php | event_id=1062619 | UA: Jetpack/12.5; WordPress/6.1; http://site18659615.com
show less
Web App Attack
Brute-Force
๐ช๐ธ
SweetHoneyPress
2026-07-18 03:28:19
(16 hours ago)
WordPress honeypot: POST to /xmlrpc.php | event_id=1062481 | UA: Jetpack by WordPress.com (Jetpack 1 ...
show more
WordPress honeypot: POST to /xmlrpc.php | event_id=1062481 | UA: Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)
show less
Web App Attack
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-18 03:02:30
(17 hours ago)
(mod_security) mod_security (id:240335) triggered by 41.60.165.102 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 41.60.165.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 23:02:24.723990 2026] [security2:error] [pid 1314326:tid 1314326] [client 41.60.165.102:64228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.60.165.102 (+1 hits since last alert)|bernsteinip.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bernsteinip.com"] [uri "/xmlrpc.php"] [unique_id "alrswCNa5SlfzXVxOP_4FQAAACE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-18 01:57:09
(18 hours ago)
[redacted] 41.60.165.102 - - [18/Jul/2026:03:56:14 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 41.60.165.102 - - [18/Jul/2026:03:56:14 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.2; http://site20143873.com"
[redacted] 41.60.165.102 - - [18/Jul/2026:03:56:26 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 41.60.165.102 - - [18/Jul/2026:03:56:37 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 41.60.165.102 - - [18/Jul/2026:03:56:47 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)"
[redacted] 41.60.165.102 - - [18/Jul/2026:03:57:07 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
...
show less
Hacking
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-18 00:28:43
(19 hours ago)
(mod_security) mod_security (id:240335) triggered by 41.60.165.102 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 41.60.165.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 20:28:36.055253 2026] [security2:error] [pid 1952240:tid 1952240] [client 41.60.165.102:65170] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.60.165.102 (+1 hits since last alert)|schlegelcreative.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "schlegelcreative.com"] [uri "/xmlrpc.php"] [unique_id "alrItDyAU1GUP68COQo91wAAAAY"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
WeekendWeb
2026-07-17 20:08:01
(23 hours ago)
Wordpress Vunerability attack
Web App Attack
Anonymous
2026-07-17 18:35:28
(1 day ago)
[redacted] 41.60.165.102 - - [17/Jul/2026:20:34:43 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "J ...
show more
[redacted] 41.60.165.102 - - [17/Jul/2026:20:34:43 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.3)"
[redacted] 41.60.165.102 - - [17/Jul/2026:20:34:53 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 41.60.165.102 - - [17/Jul/2026:20:35:05 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 41.60.165.102 - - [17/Jul/2026:20:35:15 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)"
[redacted] 41.60.165.102 - - [17/Jul/2026:20:35:26 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.2)"
...
show less
Hacking
Web App Attack
๐ธ๐ช
vaia.cloud
2026-07-17 18:05:07
(1 day ago)
trying wp-login.php/xmlrpc.php 31 times in 1 minutes
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 17:05:29
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 41.60.165.102 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 41.60.165.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 13:05:25.760458 2026] [security2:error] [pid 1542:tid 1542] [client 41.60.165.102:3103] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.60.165.102 (+1 hits since last alert)|redlitephotos.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "redlitephotos.com"] [uri "/xmlrpc.php"] [unique_id "alpg1VkGJ5lEW0e7GDHiVQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
masterguru
2026-07-17 15:30:42
(1 day ago)
(xmlrpc) Failed xmlrpc access from 41.60.165.102 (MU/Mauritius/-): 5 in the last 3600 secs (0-122)
Hacking