๐ซ๐ฎ
KnightIndustries
2026-07-17 12:07:54
(2 days ago)
2026-07-17T14:07:32.520076+02:00 milkyway wordpress(learncryptography.pw)[3779467]: XML-RPC authenti ...
show more
2026-07-17T14:07:32.520076+02:00 milkyway wordpress(learncryptography.pw)[3779467]: XML-RPC authentication failure for macminty from 212.164.178.163
2026-07-17T14:07:42.941482+02:00 milkyway wordpress(learncryptography.pw)[3753275]: XML-RPC authentication failure for macminty from 212.164.178.163
2026-07-17T14:07:53.453300+02:00 milkyway wordpress(learncryptography.pw)[3777179]: XML-RPC authentication failure for macminty from 212.164.178.163
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
IndigoRidge
2026-07-17 11:13:35
(2 days ago)
212.164.178.163 - - [17/Jul/2026:07:11:49 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5262 "-" "WordPress ...
show more
212.164.178.163 - - [17/Jul/2026:07:11:49 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5262 "-" "WordPress.com; https://wordpress.com"
212.164.178.163 - - [17/Jul/2026:07:12:52 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5262 "-" "WordPress.com; https://wordpress.com"
212.164.178.163 - - [17/Jul/2026:07:13:13 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5262 "-" "WordPress.com; https://wordpress.com"
212.164.178.163 - - [17/Jul/2026:07:13:23 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5262 "-" "WordPress.com; https://wordpress.com"
212.164.178.163 - - [17/Jul/2026:07:13:34 -0400] "POST /xmlrpc.php HTTP/1.0" 200 5262 "-" "WordPress.com; https://wordpress.com"
...
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-17 08:36:37
(2 days ago)
(mod_security) mod_security (id:240335) triggered by 212.164.178.163 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 212.164.178.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 04:36:29.903318 2026] [security2:error] [pid 5194:tid 5194] [client 212.164.178.163:28563] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 212.164.178.163 (+1 hits since last alert)|atidysort.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "atidysort.com"] [uri "/xmlrpc.php"] [unique_id "alnpjV0TOgM-wW0iGtweewAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 17:36:17
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 212.164.178.163 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 212.164.178.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 13:36:10.300578 2026] [security2:error] [pid 13236:tid 13303] [client 212.164.178.163:17384] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 212.164.178.163 (+1 hits since last alert)|cynosureinternetservices.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "cynosureinternetservices.com"] [uri "/xmlrpc.php"] [unique_id "alkWihgj19VxACadNTUdLwAAAgE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 12:53:50
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 212.164.178.163 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 212.164.178.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 08:53:42.173311 2026] [security2:error] [pid 23362:tid 23362] [client 212.164.178.163:28975] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 212.164.178.163 (+1 hits since last alert)|seskalee.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "seskalee.com"] [uri "/xmlrpc.php"] [unique_id "aljUVkm6sWegxT5yVBSaPQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-16 12:52:05
(3 days ago)
[redacted] 212.164.178.163 - - [16/Jul/2026:14:51:21 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" ...
show more
[redacted] 212.164.178.163 - - [16/Jul/2026:14:51:21 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com"
[redacted] 212.164.178.163 - - [16/Jul/2026:14:51:32 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com"
[redacted] 212.164.178.163 - - [16/Jul/2026:14:51:42 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com"
[redacted] 212.164.178.163 - - [16/Jul/2026:14:51:53 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com (Jetpack 13.0; WordPress 6.1)"
[redacted] 212.164.178.163 - - [16/Jul/2026:14:52:04 +0200] "POST /xmlrpc.php HTTP/1.1" 405 415 "-" "Jetpack by WordPress.com (Jetpack 12.0; WordPress 6.3)"
...
show less
Hacking
Web App Attack
๐ซ๐ท
dynamix
2026-07-16 12:51:54
(3 days ago)
WordPress XMLRPC Brute Force Attack
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-16 07:57:39
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 212.164.178.163 (-): 1 in the last 300 secs; Po ...
show more
(mod_security) mod_security (id:240335) triggered by 212.164.178.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 03:57:31.766411 2026] [security2:error] [pid 29168:tid 29168] [client 212.164.178.163:29913] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 212.164.178.163 (+1 hits since last alert)|pleaseaddbacon.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "pleaseaddbacon.com"] [uri "/xmlrpc.php"] [unique_id "aliO6_CWY0fIXDwm2HNgIQAAAAk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2025-11-25 17:24:11
(7 months ago)
scanning http requests from known botnet
Web App Attack