๐ซ๐ท
SpaceHost-Server
2026-07-17 22:28:39
(2 hours ago)
Brute-Force
Web App Attack
๐ซ๐ท
dynamix
2026-07-17 10:43:03
(13 hours ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฉ๐ช
rh24
2026-07-17 10:34:56
(14 hours ago)
(xmlrpc_405) XMLRPC-Bot 405 164.100.214.91 (IN/India/-)
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-17 08:50:47
(15 hours ago)
(mod_security) mod_security (id:240335) triggered by 164.100.214.91 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 164.100.214.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 04:50:38.450360 2026] [security2:error] [pid 7364:tid 7364] [client 164.100.214.91:8551] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 164.100.214.91 (+1 hits since last alert)|wildlandconservancy.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "wildlandconservancy.com"] [uri "/xmlrpc.php"] [unique_id "alns3j1ZGsFfle50ai55twAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 07:14:29
(17 hours ago)
(mod_security) mod_security (id:240335) triggered by 164.100.214.91 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 164.100.214.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 03:14:23.303622 2026] [security2:error] [pid 18190:tid 18190] [client 164.100.214.91:9010] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 164.100.214.91 (+1 hits since last alert)|energycapitalinvestments.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "energycapitalinvestments.com"] [uri "/xmlrpc.php"] [unique_id "alnWT4Y-JIGv5bDGkK3yHAAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
SpaceHost-Server
2026-07-16 22:27:12
(1 day ago)
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-15 11:43:43
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 164.100.214.91 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 164.100.214.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 15 07:43:35.427746 2026] [security2:error] [pid 8470:tid 8470] [client 164.100.214.91:6293] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 164.100.214.91 (+1 hits since last alert)|stellabluesales.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "stellabluesales.com"] [uri "/xmlrpc.php"] [unique_id "aldyZ_7TSreOaihGR9eMYQAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-15 11:08:36
(2 days ago)
[redacted] 164.100.214.91 - - [15/Jul/2026:13:07:54 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ...
show more
[redacted] 164.100.214.91 - - [15/Jul/2026:13:07:54 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 164.100.214.91 - - [15/Jul/2026:13:08:03 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 164.100.214.91 - - [15/Jul/2026:13:08:14 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.1)"
[redacted] 164.100.214.91 - - [15/Jul/2026:13:08:24 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/12.5; WordPress/6.3; http://site66507829.com"
[redacted] 164.100.214.91 - - [15/Jul/2026:13:08:35 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
...
show less
Hacking
Web App Attack
๐ซ๐ท
dynamix
2026-07-15 08:03:55
(2 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐ฉ๐ช
akasolutions.de
2026-07-15 07:33:19
(2 days ago)
(wordpress) Failed wordpress login from 164.100.214.91 (IN/India/-)
Brute-Force
๐บ๐ธ
TPI-Abuse
2026-07-13 07:10:31
(4 days ago)
(mod_security) mod_security (id:240335) triggered by 164.100.214.91 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 164.100.214.91 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 03:10:27.324420 2026] [security2:error] [pid 18948:tid 18951] [client 164.100.214.91:9253] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 164.100.214.91 (+1 hits since last alert)|pref-realestate.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pref-realestate.com"] [uri "/xmlrpc.php"] [unique_id "alSPYwwU7ped-c9f5rZnigAAAQA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
neckaralb-admin.de
2026-06-30 08:17:43
(2 weeks ago)
(wordpress) Failed login wp-login.php or xmlrpc.php
Web App Attack
Anonymous
2026-06-25 11:33:02
(3 weeks ago)
[redacted] 164.100.214.91 - - [25/Jun/2026:13:31:58 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ...
show more
[redacted] 164.100.214.91 - - [25/Jun/2026:13:31:58 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
[redacted] 164.100.214.91 - - [25/Jun/2026:13:32:08 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.1; WordPress 6.3)"
[redacted] 164.100.214.91 - - [25/Jun/2026:13:32:19 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack/13.0; WordPress/6.3; http://site70678614.com"
[redacted] 164.100.214.91 - - [25/Jun/2026:13:32:40 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.1)"
[redacted] 164.100.214.91 - - [25/Jun/2026:13:33:01 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "WordPress.com; https://wordpress.com"
...
show less
Hacking
Web App Attack
Anonymous
2026-06-24 12:31:51
(3 weeks ago)
[redacted] 164.100.214.91 - - [24/Jun/2026:14:30:50 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" " ...
show more
[redacted] 164.100.214.91 - - [24/Jun/2026:14:30:50 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 164.100.214.91 - - [24/Jun/2026:14:31:18 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 164.100.214.91 - - [24/Jun/2026:14:31:29 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 164.100.214.91 - - [24/Jun/2026:14:31:39 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
[redacted] 164.100.214.91 - - [24/Jun/2026:14:31:50 +0200] "POST /xmlrpc.php HTTP/1.1" 405 428 "-" "Jetpack by WordPress.com"
...
show less
Hacking
Web App Attack
๐บ๐ธ
integrantservices.com
2026-06-24 11:31:01
(3 weeks ago)
(wordpress) Failed wordpress login from 164.100.214.91 (IN/India/-)
Brute-Force