JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 41.69.28.29

41.69.28.29 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 43%: ?

43%

ISP	Vodafone Data Routes
Usage Type	Fixed Line ISP
ASN	AS24835
Domain Name	vodafone.com
Country	🇪🇬 Egypt
City	Cairo, Cairo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 41.69.28.29

Whois 41.69.28.29

IP Abuse Reports for 41.69.28.29:

This IP address has been reported a total of 10 times from 6 distinct sources. 41.69.28.29 was first reported on June 1st 2026, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-14 06:51:04 (12 hours ago)	(mod_security) mod_security (id:240335) triggered by 41.69.28.29 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 41.69.28.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 02:51:01.099850 2026] [security2:error] [pid 19005:tid 19005] [client 41.69.28.29:62139] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.69.28.29 (+1 hits since last alert)\|ixd.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ixd.net"] [uri "/xmlrpc.php"] [unique_id "ai5PVengxpSR9OlJN4vcxgAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 rh24	2026-06-14 06:48:54 (12 hours ago)	(xmlrpc_405) XMLRPC-Bot 405 41.69.28.29 (EG/Egypt/-)	Hacking
🇺🇸 TPI-Abuse	2026-06-14 06:20:32 (13 hours ago)	(mod_security) mod_security (id:240335) triggered by 41.69.28.29 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 41.69.28.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 02:20:28.514076 2026] [security2:error] [pid 3051:tid 3051] [client 41.69.28.29:54537] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.69.28.29 (+1 hits since last alert)\|newcitypark.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "newcitypark.com"] [uri "/xmlrpc.php"] [unique_id "ai5ILDUfDmwTzuktKYXW0QAAAFE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-14 06:18:06 (13 hours ago)	WordPress XMLRPC Brute Force Attack	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 04:49:20 (14 hours ago)	(mod_security) mod_security (id:240335) triggered by 41.69.28.29 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 41.69.28.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 00:49:13.965247 2026] [security2:error] [pid 3895:tid 3895] [client 41.69.28.29:56399] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.69.28.29 (+1 hits since last alert)\|d-sinema.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "d-sinema.com"] [uri "/xmlrpc.php"] [unique_id "ai4yyfvs6TfVAnVJdDR3mgAAAIw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 04:46:19 (14 hours ago)	[redacted] 41.69.28.29 - - [14/Jun/2026:06:45:33 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jet ... show more [redacted] 41.69.28.29 - - [14/Jun/2026:06:45:33 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 41.69.28.29 - - [14/Jun/2026:06:45:43 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.0; WordPress/6.4; http://site53322606.com" [redacted] 41.69.28.29 - - [14/Jun/2026:06:45:54 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.2)" [redacted] 41.69.28.29 - - [14/Jun/2026:06:46:05 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" [redacted] 41.69.28.29 - - [14/Jun/2026:06:46:15 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com" ... show less	Hacking Web App Attack
🇬🇧 Apache	2026-06-14 02:47:23 (16 hours ago)	(mod_security) mod_security (id:240335) triggered by 41.69.28.29 (EG/Egypt/-): 5 in the last 300 sec ... show more (mod_security) mod_security (id:240335) triggered by 41.69.28.29 (EG/Egypt/-): 5 in the last 300 secs show less	Brute-Force Web App Attack
🇺🇸 integrantservices.com	2026-06-11 11:44:00 (3 days ago)	(wordpress) Failed wordpress login from 41.69.28.29 (EG/Egypt/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-06-09 12:16:15 (5 days ago)	(mod_security) mod_security (id:240335) triggered by 41.69.28.29 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 41.69.28.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 08:16:07.270653 2026] [security2:error] [pid 14320:tid 14320] [client 41.69.28.29:60499] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.69.28.29 (+1 hits since last alert)\|riser-astrology.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "riser-astrology.com"] [uri "/xmlrpc.php"] [unique_id "aigEB17g5kz448I-7U9oRQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-01 20:39:48 (1 week ago)	(mod_security) mod_security (id:240335) triggered by 41.69.28.29 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 41.69.28.29 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 16:39:40.691334 2026] [security2:error] [pid 10353:tid 10353] [client 41.69.28.29:60363] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 41.69.28.29 (+1 hits since last alert)\|peterjohnsonauthor.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "peterjohnsonauthor.com"] [uri "/xmlrpc.php"] [unique_id "ah3uDKU6OPnPrzZmXoQx_QAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 61.37.150.6

🇨🇳 182.204.181.151

🇪🇨 181.39.158.27

🇩🇿 154.243.94.8

🇧🇩 103.183.62.0

🇹🇭 101.109.253.244

🇳🇱 91.92.241.196

🇬🇧 87.236.176.81

🇩🇪 64.89.163.28

🇬🇧 34.39.16.70

🇬🇧 195.96.139.201

🇻🇳 171.237.176.209

🇩🇪 167.172.108.197

🇺🇸 157.230.150.187

🇹🇭 110.238.115.146

🇩🇪 69.5.169.245

🇨🇳 42.194.181.182

🇬🇧 213.166.84.62

🇧🇪 198.235.24.217

🇯🇵 152.32.146.182