JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 112.207.214.141

112.207.214.141 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 95%: ?

95%

ISP	HOME_DSL
Usage Type	Fixed Line ISP
ASN	AS9299
Hostname(s)	112.207.214.141.pldt.net
Domain Name	pldthome.com
Country	🇵🇭 Philippines
City	Quezon City, National Capital Region

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 112.207.214.141

Whois 112.207.214.141

IP Abuse Reports for 112.207.214.141:

This IP address has been reported a total of 22 times from 17 distinct sources. 112.207.214.141 was first reported on June 7th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-08 13:29:07 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 112.207.214.141 (112.207.214.141.pldt.net): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 112.207.214.141 (112.207.214.141.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 09:29:02.429292 2026] [security2:error] [pid 10851:tid 10851] [client 112.207.214.141:29345] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.207.214.141 (+1 hits since last alert)\|michelehoop.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "michelehoop.com"] [uri "/xmlrpc.php"] [unique_id "aibDnm8rGbgNEU93l8HtPQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-08 13:27:15 (2 days ago)	Fail2Ban WordPress login brute-force detected	Brute-Force Web App Attack
Anonymous	2026-06-08 09:33:48 (2 days ago)	112.207.214.141 - - [08/Jun/2026:11:33:28 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by ... show more 112.207.214.141 - - [08/Jun/2026:11:33:28 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com" 112.207.214.141 - - [08/Jun/2026:11:33:28 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com" 112.207.214.141 - - [08/Jun/2026:11:33:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)" 112.207.214.141 - - [08/Jun/2026:11:33:37 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)" 112.207.214.141 - - [08/Jun/2026:11:33:47 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack/12.5; WordPress/6.3; http://site65204801.com" ... show less	Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-08 09:24:39 (2 days ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-08 09:07:59 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 112.207.214.141 (112.207.214.141.pldt.net): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 112.207.214.141 (112.207.214.141.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 05:07:52.052633 2026] [security2:error] [pid 1456:tid 1456] [client 112.207.214.141:26580] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.207.214.141 (+1 hits since last alert)\|kawkacevents.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "kawkacevents.com"] [uri "/xmlrpc.php"] [unique_id "aiaGaDxEHzdMsRkMj119owAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-08 05:45:14 (2 days ago)	Fail2ban filtered ...	Web App Attack
🇬🇧 Apache	2026-06-08 05:34:28 (2 days ago)	(mod_security) mod_security (id:240335) triggered by 112.207.214.141 (PH/Philippines/112.207.214.141 ... show more (mod_security) mod_security (id:240335) triggered by 112.207.214.141 (PH/Philippines/112.207.214.141.pldt.net): 5 in the last 300 secs show less	Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-08 05:32:54 (2 days ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-201)	Hacking
🇩🇪 ger-stg-sifi1	2026-06-08 03:10:00 (3 days ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 02:53:00 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 112.207.214.141 (112.207.214.141.pldt.net): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 112.207.214.141 (112.207.214.141.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 22:52:55.769090 2026] [security2:error] [pid 11810:tid 11810] [client 112.207.214.141:28999] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.207.214.141 (+1 hits since last alert)\|greenlight.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "greenlight.us"] [uri "/xmlrpc.php"] [unique_id "aiYuh-OX0A3QKN_roKMoYgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-06-08 02:24:52 (3 days ago)	Unauthorized access to webpage admin	Web App Attack
Anonymous	2026-06-08 01:38:03 (3 days ago)	Bot / scanning and/or hacking attempts: POST /xmlrpc.php HTTP/1.1	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 01:19:35 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 112.207.214.141 (112.207.214.141.pldt.net): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 112.207.214.141 (112.207.214.141.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 21:19:31.398040 2026] [security2:error] [pid 6758:tid 6758] [client 112.207.214.141:27804] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.207.214.141 (+1 hits since last alert)\|vanmeer.info\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "vanmeer.info"] [uri "/xmlrpc.php"] [unique_id "aiYYoxerIrPG4oI0JMC5LQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 YF	2026-06-07 12:00:29 (3 days ago)	xmlrpc.php Potential DDoS or brute force	DDoS Attack Brute-Force
🇺🇸 TPI-Abuse	2026-06-07 10:12:37 (3 days ago)	(mod_security) mod_security (id:240335) triggered by 112.207.214.141 (112.207.214.141.pldt.net): 1 i ... show more (mod_security) mod_security (id:240335) triggered by 112.207.214.141 (112.207.214.141.pldt.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 06:12:35.028686 2026] [security2:error] [pid 17808:tid 17808] [client 112.207.214.141:26185] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 112.207.214.141 (+1 hits since last alert)\|telecompros.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "telecompros.net"] [uri "/xmlrpc.php"] [unique_id "aiVEE5WpWg7z89DxkWrM0wAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.251

🇮🇷 158.255.74.115

🇮🇳 117.211.208.123

🇷🇴 109.100.14.222

🇧🇬 91.191.209.118

🇬🇧 87.236.176.62

🇧🇪 34.38.219.198

🇩🇪 193.124.20.227

🇳🇱 178.16.55.142

🇮🇳 175.100.177.195

🇳🇬 152.32.141.2

🇺🇸 91.230.168.123

🇺🇸 64.62.156.34

🇨🇳 58.243.208.200

🇳🇱 45.148.10.152

🇭🇰 218.190.8.165

🇷🇺 213.180.203.182

🇲🇽 189.240.44.9

🇳🇱 185.223.235.34

🇳🇱 185.223.235.23