πΊπΈ
TPI-Abuse
2026-07-04 21:39:32
(8 minutes ago)
(mod_security) mod_security (id:240335) triggered by 41.62.64.254 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 41.62.64.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 17:39:27.394850 2026] [security2:error] [pid 27126:tid 27126] [client 41.62.64.254:50678] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.62.64.254 (+1 hits since last alert)|internetnameregistration.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "internetnameregistration.com"] [uri "/xmlrpc.php"] [unique_id "akl9jzq6WXr6YrT3tUjc7AAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-04 20:08:10
(1 hour ago)
(mod_security) mod_security (id:240335) triggered by 41.62.64.254 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 41.62.64.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 16:08:02.360795 2026] [security2:error] [pid 27469:tid 27469] [client 41.62.64.254:60685] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.62.64.254 (+1 hits since last alert)|georgesmarina.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "georgesmarina.com"] [uri "/xmlrpc.php"] [unique_id "akloIgJrOuWN0DmH1AOwkAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-04 18:55:24
(2 hours ago)
(mod_security) mod_security (id:240335) triggered by 41.62.64.254 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 41.62.64.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 14:55:21.310600 2026] [security2:error] [pid 6034:tid 6057] [client 41.62.64.254:63908] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.62.64.254 (+1 hits since last alert)|sparkhypnotherapy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "sparkhypnotherapy.com"] [uri "/xmlrpc.php"] [unique_id "aklXGTQvSFEtaihsiXej6gAAAJU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
neckaralb-admin.de
2026-07-04 13:33:21
(8 hours ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
π³π±
tmiland
2026-07-04 12:22:16
(9 hours ago)
(wordpress_xmlrpc) WordPress XMLPRC Attack 41.62.64.254 (TN/Tunisia/-): 3 in the last 3600 secs; IP: ...
show more
(wordpress_xmlrpc) WordPress XMLPRC Attack 41.62.64.254 (TN/Tunisia/-): 3 in the last 3600 secs; IP: 41.62.64.254; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 41.62.64.254 - - [04/Jul/2026:14:21:34 +0200] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Jetpack by WordPress.com" 41.62.64.254 - - [04/Jul/2026:14:22:02 +0200] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Jetpack by WordPress.com" 41.62.64.254 - - [04/Jul/2026:14:22:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 415 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)"
show less
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-04 10:43:10
(11 hours ago)
(mod_security) mod_security (id:240335) triggered by 41.62.64.254 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 41.62.64.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 06:43:04.105398 2026] [security2:error] [pid 3045:tid 3090] [client 41.62.64.254:65465] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.62.64.254 (+1 hits since last alert)|dbestcarting.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "dbestcarting.com"] [uri "/xmlrpc.php"] [unique_id "akjjuG7BE6u5y6tUxJ_IlQAAAZA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
konseptit
2026-07-04 10:39:27
(11 hours ago)
(wordpress) Failed wordpress login from 41.62.64.254 (TN/Tunisia/-)
Brute-Force
πΊπΈ
TPI-Abuse
2026-07-04 09:11:18
(12 hours ago)
(mod_security) mod_security (id:240335) triggered by 41.62.64.254 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 41.62.64.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 04 05:11:11.866945 2026] [security2:error] [pid 31643:tid 31643] [client 41.62.64.254:52308] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.62.64.254 (+1 hits since last alert)|ixd.net|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ixd.net"] [uri "/xmlrpc.php"] [unique_id "akjOL1w0AAyFZCnzIxeW5gAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π²πΉ
Malta
2026-07-04 04:30:10
(17 hours ago)
41.62.64.254 - - [04/Jul/2026:06:30:09 +0200] "POST /xmlrpc.php HTTP/1.1" "WordPress.com; https://wo ...
show more
41.62.64.254 - - [04/Jul/2026:06:30:09 +0200] "POST /xmlrpc.php HTTP/1.1" "WordPress.com; https://wordpress.com"
show less
Hacking
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-04 02:52:46
(18 hours ago)
(mod_security) mod_security (id:240335) triggered by 41.62.64.254 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 41.62.64.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 22:52:42.130447 2026] [security2:error] [pid 19189:tid 19189] [client 41.62.64.254:61553] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.62.64.254 (+1 hits since last alert)|bbproductionsonline.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bbproductionsonline.com"] [uri "/xmlrpc.php"] [unique_id "akh1eqvouVSNGMRvY40YOwAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
rh24
2026-07-04 02:49:40
(18 hours ago)
(wordpress) Failed wordpress login from 41.62.64.254 (TN/Tunisia/-): (CF_ENABLE)
Brute-Force
π«π·
dynamix
2026-07-04 01:46:01
(20 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-04 01:18:05
(20 hours ago)
(mod_security) mod_security (id:240335) triggered by 41.62.64.254 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 41.62.64.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 21:18:00.605794 2026] [security2:error] [pid 32317:tid 32317] [client 41.62.64.254:60864] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.62.64.254 (+1 hits since last alert)|cynosurephotography.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cynosurephotography.com"] [uri "/xmlrpc.php"] [unique_id "akhfSGpOt7cd5RsTgb9nVQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 21:20:05
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 41.62.64.254 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:240335) triggered by 41.62.64.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 17:19:58.941347 2026] [security2:error] [pid 3164:tid 3164] [client 41.62.64.254:64951] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 41.62.64.254 (+1 hits since last alert)|theseoscribe.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "theseoscribe.com"] [uri "/xmlrpc.php"] [unique_id "akgnfq-T_TGxHe2YXa_zngAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-03 19:14:58
(1 day ago)
41.62.64.254 - - [03/Jul/2026:21:14:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by Wo ...
show more
41.62.64.254 - - [03/Jul/2026:21:14:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)"
41.62.64.254 - - [03/Jul/2026:21:14:38 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.2)"
41.62.64.254 - - [03/Jul/2026:21:14:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)"
41.62.64.254 - - [03/Jul/2026:21:14:45 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)"
41.62.64.254 - - [03/Jul/2026:21:14:57 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com"
...
show less
Brute-Force
Web App Attack