πΊπΈ
TPI-Abuse
2026-07-13 13:35:52
(1 day ago)
(mod_security) mod_security (id:240335) triggered by 192.0.100.164 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 192.0.100.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 09:35:47.251612 2026] [security2:error] [pid 13251:tid 13251] [client 192.0.100.164:24416] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 192.0.100.164 (+1 hits since last alert)|www.dixiegeek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.dixiegeek.com"] [uri "/xmlrpc.php"] [unique_id "alTps93Q0hiVOiLjzlalnwAAABQ"], referer: https://www.dixiegeek.com/xmlrpc.php?for=jetpack&token=1q9Je5bEbzwhrQxb5lIM%2A4y%21EWgzQ3%24m%3A1%3A0×tamp=1783949747&nonce=k9iM1RDluM&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=bXi4fZMUy7X8JClVhP7Gsv8%2BheY%3D
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-02-08 12:57:56
(5 months ago)
(mod_security) mod_security (id:240335) triggered by 192.0.100.164 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 192.0.100.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 08 07:57:53.804459 2026] [security2:error] [pid 411864:tid 411864] [client 192.0.100.164:12330] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 192.0.100.164 (+1 hits since last alert)|www.dixiegeek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.dixiegeek.com"] [uri "/xmlrpc.php"] [unique_id "aYiIUSNJWcfoleL9loJIkAAAAAc"], referer: https://www.dixiegeek.com/xmlrpc.php?for=jetpack&token=1q9Je5bEbzwhrQxb5lIM%2A4y%21EWgzQ3%24m%3A1%3A0×tamp=1770555473&nonce=pOELZPygS7&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=r4y2lRkjIYma2dKT%2BAeYq5G93JA%3D
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-06-22 12:55:15
(1 year ago)
(mod_security) mod_security (id:240335) triggered by 192.0.100.164 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 192.0.100.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 22 08:55:09.958422 2025] [security2:error] [pid 1671620:tid 1671620] [client 192.0.100.164:24008] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 192.0.100.164 (+1 hits since last alert)|www.dixiegeek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.dixiegeek.com"] [uri "/xmlrpc.php"] [unique_id "aFf9LWVt3k3e0Tu5hD_m5gAAAAQ"], referer: https://www.dixiegeek.com/xmlrpc.php?for=jetpack&token=1q9Je5bEbzwhrQxb5lIM%2A4y%21EWgzQ3%24m%3A1%3A0×tamp=1750596909&nonce=fUvqEFzQXT&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=nTxqxnqE5mfyLRyTMlSKG4an5jU%3D
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2024-10-26 18:18:41
(1 year ago)
(mod_security) mod_security (id:240335) triggered by 192.0.100.164 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 192.0.100.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 26 14:18:37.607791 2024] [security2:error] [pid 27664:tid 27664] [client 192.0.100.164:6422] [client 192.0.100.164] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 192.0.100.164 (+1 hits since last alert)|www.adoniahenterprises.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.adoniahenterprises.com"] [uri "/xmlrpc.php"] [unique_id "Zx0yfWUy4vf5QRSTpZ1aGQAAAAw"], referer: https://www.adoniahenterprises.com/xmlrpc.php?for=jetpack&token=jVAvIuNaG2qd%25MO9St9d%5EyMBX7%25ZnLjy%3A1%3A0×tamp=1729966717&nonce=2dxFBWK45O&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=gneDIl0trLEpD5vAE2z4l1S7kVQ%3D
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2024-04-29 08:32:12
(2 years ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-04-24 10:01:09
(2 years ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-04-23 03:31:38
(2 years ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-04-18 12:47:39
(2 years ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-04-16 08:32:42
(2 years ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2023-12-14 13:05:14
(2 years ago)
(mod_security) mod_security (id:240335) triggered by 192.0.100.164 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 192.0.100.164 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 14 08:05:07.852356 2023] [security2:error] [pid 19715] [client 192.0.100.164:14984] [client 192.0.100.164] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 192.0.100.164 (+1 hits since last alert)|www.dixiegeek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.dixiegeek.com"] [uri "/xmlrpc.php"] [unique_id "ZXr9g3QcwxW-JNB8A4knvwAAABY"], referer: https://www.dixiegeek.com/xmlrpc.php?for=jetpack&token=1q9Je5bEbzwhrQxb5lIM%2A4y%21EWgzQ3%24m%3A1%3A0×tamp=1702559107&nonce=zWdXWacVgG&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=XO6m5IfRqGIrAum%2B2xzIX7585PQ%3D
show less
Brute-Force
Bad Web Bot
Web App Attack
π©π°
wnbhosting.dk
2023-04-17 12:45:02
(3 years ago)
WP xmlrpc [2023-04-17T14:45:02+02:00]
Hacking
Web App Attack
π©π°
wnbhosting.dk
2023-03-31 12:45:00
(3 years ago)
WP xmlrpc [2023-03-31T14:45:00+02:00]
Hacking
Web App Attack
π©π°
wnbhosting.dk
2022-12-10 11:52:48
(3 years ago)
WP xmlrpc [2022-12-10T12:52:48+01:00]
Hacking
Web App Attack
π©πͺ
OiledAmoeba
2022-07-10 19:16:47
(4 years ago)
192.0.100.164 - - [11/Jul/2022:01:16:46 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&toke ...
show more
192.0.100.164 - - [11/Jul/2022:01:16:46 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657495005&nonce=uUYolBuZHn&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=y7%2F62V0nNMQjthfBNo0Hzo6i%2BR4%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657495005&nonce=uUYolBuZHn&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=y7%2F62V0nNMQjthfBNo0Hzo6i%2BR4%3D" "Jetpack by WordPress.com" "-" 0.803 "-"
...
show less
Brute-Force
π©πͺ
OiledAmoeba
2022-07-10 16:47:07
(4 years ago)
192.0.100.164 - - [10/Jul/2022:22:47:06 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&toke ...
show more
192.0.100.164 - - [10/Jul/2022:22:47:06 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657486025&nonce=0tIvRcGpK1&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=e9BJn6FuTt6qIlpGh7AI6R2%2BGLM%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657486025&nonce=0tIvRcGpK1&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=e9BJn6FuTt6qIlpGh7AI6R2%2BGLM%3D" "Jetpack by WordPress.com" "-" 0.449 "-"
...
show less
Brute-Force