|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 192.0.101.228 (wordpress.com): 1 in the last 30 ...
show more
(mod_security) mod_security (id:240335) triggered by 192.0.101.228 (wordpress.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 04 08:46:52.327563 2026] [security2:error] [pid 26051:tid 26051] [client 192.0.101.228:51498] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 192.0.101.228 (+1 hits since last alert)|www.dixiegeek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.dixiegeek.com"] [uri "/xmlrpc.php"] [unique_id "adEIPKS1kzLwwyuO8i6NMgAAAAU"], referer: https://www.dixiegeek.com/xmlrpc.php?for=jetpack&token=1q9Je5bEbzwhrQxb5lIM%2A4y%21EWgzQ3%24m%3A1%3A0×tamp=1775306812&nonce=yKf27QOPmH&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=Tz%2BhhdV1F7nIjXqyQZX300AynGw%3D
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 192.0.101.228 (wordpress.com): 1 in the last 30 ...
show more
(mod_security) mod_security (id:240335) triggered by 192.0.101.228 (wordpress.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 09:20:52.718598 2026] [security2:error] [pid 3170508:tid 3170508] [client 192.0.101.228:48680] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 192.0.101.228 (+1 hits since last alert)|www.dixiegeek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.dixiegeek.com"] [uri "/xmlrpc.php"] [unique_id "aY8zRIMIYMjmFtmvNlm3oQAAAAY"], referer: https://www.dixiegeek.com/xmlrpc.php?for=jetpack&token=1q9Je5bEbzwhrQxb5lIM%2A4y%21EWgzQ3%24m%3A1%3A0×tamp=1770992452&nonce=vS8UB7lxPC&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=xgxvcQ9VDo8mxwyY1P%2BdyHIGjeY%3D
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 192.0.101.228 (wordpress.com): 1 in the last 30 ...
show more
(mod_security) mod_security (id:240335) triggered by 192.0.101.228 (wordpress.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 30 08:50:48.478581 2025] [security2:error] [pid 7850:tid 7850] [client 192.0.101.228:61254] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 192.0.101.228 (+1 hits since last alert)|www.dixiegeek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.dixiegeek.com"] [uri "/xmlrpc.php"] [unique_id "aSxLuDc2AznCywsqqeypdQAAABI"], referer: https://www.dixiegeek.com/xmlrpc.php?for=jetpack&token=1q9Je5bEbzwhrQxb5lIM%2A4y%21EWgzQ3%24m%3A1%3A0×tamp=1764510648&nonce=3GP3AixRPZ&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=PKfzLVab%2BwSEi9HDgTdAKRITvtg%3D
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 192.0.101.228 (wordpress.com): 1 in the last 30 ...
show more
(mod_security) mod_security (id:240335) triggered by 192.0.101.228 (wordpress.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 25 09:29:27.102374 2025] [security2:error] [pid 22712:tid 22712] [client 192.0.101.228:12268] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 192.0.101.228 (+1 hits since last alert)|www.dixiegeek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.dixiegeek.com"] [uri "/xmlrpc.php"] [unique_id "aIOGtwA1Tn0xtPCHkps5pwAAAAI"], referer: https://www.dixiegeek.com/xmlrpc.php?for=jetpack&token=1q9Je5bEbzwhrQxb5lIM%2A4y%21EWgzQ3%24m%3A1%3A0×tamp=1753450167&nonce=EslXw2L1Z0&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=8TTO1d5ZJLGl042jypTVsQZpF%2FM%3D
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 192.0.101.228 (wordpress.com): 1 in the last 30 ...
show more
(mod_security) mod_security (id:240335) triggered by 192.0.101.228 (wordpress.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 29 08:28:29.440125 2024] [security2:error] [pid 28283:tid 28283] [client 192.0.101.228:64644] [client 192.0.101.228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 192.0.101.228 (+1 hits since last alert)|www.dixiegeek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.dixiegeek.com"] [uri "/xmlrpc.php"] [unique_id "Z3FOfQU8OjNB3rO3mOM4pwAAAA8"], referer: https://www.dixiegeek.com/xmlrpc.php?for=jetpack&token=1q9Je5bEbzwhrQxb5lIM%2A4y%21EWgzQ3%24m%3A1%3A0×tamp=1735478909&nonce=Jf1BC6Jv2n&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=iuRhBCrGPJmyJEaDQ43GzzpXWoM%3D
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 192.0.101.228 (wordpress.com): 1 in the last 30 ...
show more
(mod_security) mod_security (id:240335) triggered by 192.0.101.228 (wordpress.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 18 08:41:31.606459 2024] [security2:error] [pid 18279:tid 18279] [client 192.0.101.228:55448] [client 192.0.101.228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 192.0.101.228 (+1 hits since last alert)|www.dixiegeek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.dixiegeek.com"] [uri "/xmlrpc.php"] [unique_id "ZpkNezAusGF3k1Rg_XslpQAAABw"], referer: https://www.dixiegeek.com/xmlrpc.php?for=jetpack&token=1q9Je5bEbzwhrQxb5lIM%2A4y%21EWgzQ3%24m%3A1%3A0×tamp=1721306491&nonce=T6aUWnkG6P&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=ZgAKWI%2FoMleZDTy4rNqSllR1bpA%3D
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
Anonymous
|
|
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
|
Brute-Force
SSH
|
|
|
๐บ๐ธ
TPI-Abuse
|
|
(mod_security) mod_security (id:240335) triggered by 192.0.101.228 (wordpress.com): 1 in the last 30 ...
show more
(mod_security) mod_security (id:240335) triggered by 192.0.101.228 (wordpress.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 15 08:06:59.820977 2024] [security2:error] [pid 5007] [client 192.0.101.228:62304] [client 192.0.101.228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 192.0.101.228 (+1 hits since last alert)|www.dixiegeek.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.dixiegeek.com"] [uri "/xmlrpc.php"] [unique_id "Zc4Mc_YJHCLA98aW3DvltgAAAAg"], referer: https://www.dixiegeek.com/xmlrpc.php?for=jetpack&token=1q9Je5bEbzwhrQxb5lIM%2A4y%21EWgzQ3%24m%3A1%3A0×tamp=1708002419&nonce=1bik0QDG3r&body-hash=METbiCw%2BtMQdctk0fdLMNlXOKKM%3D&signature=4tBpCPMU6WmJr2ta0ai%2F02867M8%3D
show less
|
Brute-Force
Bad Web Bot
Web App Attack
|
|
|
๐ช๐ธ
10dencehispahard SL
|
|
Unauthorized login attempts [{'apache-syn-flood', 'wordpress-xmlrpc'}]
|
Brute-Force
Web App Attack
|
|
|
๐ฉ๐ฐ
wnbhosting.dk
|
|
WP xmlrpc [2022-09-30T14:43:49+02:00]
|
Hacking
Web App Attack
|
|
|
๐ฉ๐ช
OiledAmoeba
|
|
192.0.101.228 - - [11/Jul/2022:01:00:31 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&toke ...
show more
192.0.101.228 - - [11/Jul/2022:01:00:31 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657494030&nonce=EgMrr9nB4M&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=QXbm0exNgdaAUvwWh3RuI4cM5Jg%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657494030&nonce=EgMrr9nB4M&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=QXbm0exNgdaAUvwWh3RuI4cM5Jg%3D" "Jetpack by WordPress.com" "-" 0.504 "-"
...
show less
|
Brute-Force
|
|
|
๐ฉ๐ช
OiledAmoeba
|
|
192.0.101.228 - - [10/Jul/2022:22:52:28 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&toke ...
show more
192.0.101.228 - - [10/Jul/2022:22:52:28 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657486347&nonce=SPpldA7Wi1&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=cQXMC0fKBfx5AqI0Gk8W3jniwEI%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657486347&nonce=SPpldA7Wi1&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=cQXMC0fKBfx5AqI0Gk8W3jniwEI%3D" "Jetpack by WordPress.com" "-" 0.476 "-"
...
show less
|
Brute-Force
|
|
|
๐ฉ๐ช
OiledAmoeba
|
|
192.0.101.228 - - [10/Jul/2022:21:32:04 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&toke ...
show more
192.0.101.228 - - [10/Jul/2022:21:32:04 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657481523&nonce=MFnbFj8UsZ&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=WHhriA8Z2g9PvBb4IVHO310h6ZY%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657481523&nonce=MFnbFj8UsZ&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=WHhriA8Z2g9PvBb4IVHO310h6ZY%3D" "Jetpack by WordPress.com" "-" 0.418 "-"
192.0.101.228 - - [10/Jul/2022:21:33:20 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657481600&nonce=elHwNN2sb4&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=EAeATBRH7F3CskSX0u5bTGW4r1Q%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657481600&nonce=elHwNN2sb4&b
...
show less
|
Brute-Force
|
|
|
๐ฉ๐ช
OiledAmoeba
|
|
192.0.101.228 - - [10/Jul/2022:20:35:30 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&toke ...
show more
192.0.101.228 - - [10/Jul/2022:20:35:30 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657478130&nonce=xq4z3ottzd&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=KXLCTkrLSF%2BWSP0ajlUYP8xSfwk%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657478130&nonce=xq4z3ottzd&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=KXLCTkrLSF%2BWSP0ajlUYP8xSfwk%3D" "Jetpack by WordPress.com" "-" 0.429 "-"
192.0.101.228 - - [10/Jul/2022:20:47:28 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657478847&nonce=tmsrKGW563&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=bTZySPOBQCVmmW%2FFIGFySz7Fq%2Fo%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657478847&nonce=tmsr
...
show less
|
Brute-Force
|
|
|
๐ฉ๐ช
OiledAmoeba
|
|
192.0.101.228 - - [10/Jul/2022:18:51:47 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&toke ...
show more
192.0.101.228 - - [10/Jul/2022:18:51:47 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657471906&nonce=qlVtD26XSu&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=udxC3sik2%2Bvmfe6T0JXyZcGm7jg%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657471906&nonce=qlVtD26XSu&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=udxC3sik2%2Bvmfe6T0JXyZcGm7jg%3D" "Jetpack by WordPress.com" "-" 0.466 "-"
192.0.101.228 - - [10/Jul/2022:19:27:28 +0200] "www.ruhnke.cloud" "POST /xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657474047&nonce=DXuv3GyFAh&body-hash=zM6wtlIR3F15tOMR6hYdh1YDU3A%3D&signature=Qb4DMIiSUmwNp2FCw7bYG%2BOsaLc%3D HTTP/1.1" 500 0 "https://www.ruhnke.cloud/xmlrpc.php?for=jetpack&token=yI%23s%25wmqLKwF%21%251wV%2Awt2sUbDMmapK%288%3A1%3A1×tamp=1657474047&nonce=DXuv3G
...
show less
|
Brute-Force
|
|