Anonymous
2026-07-03 07:02:31
(3 hours ago)
[server.tmg.gr] httpd-xmlrpc-post: sites=www.mastermind.gr; logs=/var/log/httpd/domains/tmg.gr.log; ...
show more
[server.tmg.gr] httpd-xmlrpc-post: sites=www.mastermind.gr; logs=/var/log/httpd/domains/tmg.gr.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-03 05:44:12
(4 hours ago)
(mod_security) mod_security (id:240335) triggered by 216.247.28.193 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 216.247.28.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 03 01:44:04.860285 2026] [security2:error] [pid 18981:tid 18981] [client 216.247.28.193:38487] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 216.247.28.193 (+1 hits since last alert)|ohwaitiforgot.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "ohwaitiforgot.com"] [uri "/xmlrpc.php"] [unique_id "akdMJE4fVeEm9egLPVE_TAAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-07-02 14:38:03
(19 hours ago)
(mod_security) mod_security (id:240335) triggered by 216.247.28.193 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 216.247.28.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 02 10:37:57.222187 2026] [security2:error] [pid 3670:tid 3670] [client 216.247.28.193:59769] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 216.247.28.193 (+1 hits since last alert)|bluemarineboats.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bluemarineboats.com"] [uri "/xmlrpc.php"] [unique_id "akZ3xbxnbJ3H7eWveV2xOAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πͺπΈ
alferez
2026-07-02 03:31:20
(1 day ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
Anonymous
2026-07-01 13:44:47
(1 day ago)
216.247.28.193 - - [01/Jul/2026:15:44:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by ...
show more
216.247.28.193 - - [01/Jul/2026:15:44:23 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com"
216.247.28.193 - - [01/Jul/2026:15:44:25 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com"
216.247.28.193 - - [01/Jul/2026:15:44:34 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "Jetpack by WordPress.com"
216.247.28.193 - - [01/Jul/2026:15:44:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Jetpack by WordPress.com"
216.247.28.193 - - [01/Jul/2026:15:44:46 +0200] "POST /xmlrpc.php HTTP/1.1" 200 593 "-" "WordPress.com; https://wordpress.com"
...
show less
Brute-Force
Web App Attack
Anonymous
2026-07-01 06:06:04
(2 days ago)
Trying to access config files
Web App Attack
πͺπΈ
alferez
2026-06-30 06:01:20
(3 days ago)
xmlrpc.php attack DOS
Hacking
Exploited Host
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-30 04:20:01
(3 days ago)
(mod_security) mod_security (id:240335) triggered by 216.247.28.193 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 216.247.28.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 00:19:55.592925 2026] [security2:error] [pid 3222:tid 3222] [client 216.247.28.193:59564] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 216.247.28.193 (+1 hits since last alert)|bigholegolf.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "bigholegolf.com"] [uri "/xmlrpc.php"] [unique_id "akND6z7CpPN3UCCdXAlGTAAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
rh24
2026-06-25 04:22:03
(1 week ago)
(xmlrpc_405) XMLRPC-Bot 405 216.247.28.193 (PH/Philippines/-)
Hacking
π¦πΊ
screwlooseit.com.au
2026-06-24 10:26:16
(1 week ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
US/United States/-
Web App Attack
Anonymous
2026-06-24 10:07:33
(1 week ago)
[da.kdns.gr] httpd-xmlrpc-post: sites=trikoilis.com; logs=/var/log/httpd/domains/trikoilis.com.log; ...
show more
[da.kdns.gr] httpd-xmlrpc-post: sites=trikoilis.com; logs=/var/log/httpd/domains/trikoilis.com.log; samples=/xmlrpc.php
show less
Brute-Force
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-24 09:46:52
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 216.247.28.193 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 216.247.28.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 05:46:45.622115 2026] [security2:error] [pid 29208:tid 29208] [client 216.247.28.193:21659] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 216.247.28.193 (+1 hits since last alert)|deborahbein.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "deborahbein.com"] [uri "/xmlrpc.php"] [unique_id "ajunhZdmaU1TbNfVeRpUCgAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-24 09:15:31
(1 week ago)
(mod_security) mod_security (id:240335) triggered by 216.247.28.193 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:240335) triggered by 216.247.28.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 05:15:25.393003 2026] [security2:error] [pid 21559:tid 21559] [client 216.247.28.193:41908] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 216.247.28.193 (+1 hits since last alert)|mytapt.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mytapt.com"] [uri "/xmlrpc.php"] [unique_id "ajugLZ0qNtpSfrUaer1XowAAABI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-06-24 05:01:49
(1 week ago)
(xmlrpc) Apache: Failed xmlrpc access from 216.247.28.193 (PH/Philippines/-): 10 in the last 3600 se ...
show more
(xmlrpc) Apache: Failed xmlrpc access from 216.247.28.193 (PH/Philippines/-): 10 in the last 3600 secs (0-201)
show less
Hacking
Anonymous
2026-06-21 05:48:43
(1 week ago)
2026-06-21T07:48:42.833865+02:00 aion wordpress[12420]: Blocked authentication attempt for admin fro ...
show more
2026-06-21T07:48:42.833865+02:00 aion wordpress[12420]: Blocked authentication attempt for admin from 216.247.28.193
...
show less
Hacking
Brute-Force